<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 12 Dec 2015 -->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Apache Rampart &#x2013; Setting up a Security Token Service</title>
<style type="text/css" media="all">
@import url("./css/maven-base.css");
@import url("./css/maven-theme.css");
@import url("./css/site.css");
</style>
<link rel="stylesheet" href="./css/print.css" type="text/css" media="print" />
<meta name="Date-Revision-yyyymmdd" content="20151212" />
<meta http-equiv="Content-Language" content="en" />
</head>
<body class="composite">
<div id="banner">
<a href="images/apache-rampart-logo.jpg" id="bannerLeft">
Apache Rampart
</a>
<a href="http://www.apache.org" id="bannerRight">
<img src="http://www.apache.org/images/asf_logo_wide.png" alt="Apache Software Foundation" />
</a>
<div class="clear">
<hr/>
</div>
</div>
<div id="breadcrumbs">
<div class="xleft">
<span id="publishDate">Last Published: 12 Dec 2015</span>
&nbsp;| <span id="projectVersion">Version: 1.6.3</span>
</div>
<div class="xright"> <a href="../core/" title="Apache Axis2/Java">Apache Axis2/Java</a>
</div>
<div class="clear">
<hr/>
</div>
</div>
<div id="bodyColumn">
<div id="contentBox">
<!-- ~ Licensed to the Apache Software Foundation (ASF) under one
~ or more contributor license agreements. See the NOTICE file
~ distributed with this work for additional information
~ regarding copyright ownership. The ASF licenses this file
~ to you under the Apache License, Version 2.0 (the
~ "License"); you may not use this file except in compliance
~ with the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License. -->
<h1>Setting up a Security Token Service</h1>
<div class="section">
<h3><a name="Setting_up_a_Security_Token_Service"></a>Setting up a Security Token Service</h3>
<p>A Security Token Service (STS) can be set up with Rampart as per the WS-Trust specification. The default security token service shipped with the Rampart distribution is contained in the rampart-trust.mar module. It can issue Security Context Tokens (SCT) and SAML tokens. Sample05 contains a client that connects to the default STS and obtains a SAML token. The services.xml in the sample contains a &quot;saml-issuer-config&quot; parameter that is used to configure the default SAML issuer.</p>
<b>STS with a custom issuer</b>
<p>First, the default rampart.mar has to be removed from the modules. Then write your own issuer implementing the <tt>&quot;org.apache.rahas.TokenIssuer&quot;</tt> interface. Let's say that your issuer is <tt>&quot;org.custom.MyIssuer&quot;</tt>. Then create an Axis2 service archive with the following in its services.xml. Drop the archive into the repository and you have an STS with a custom token issuer.</p>
<div>
<pre>
&lt;module ref=&quot;rampart&quot; /&gt;
&lt;operation name=&quot;IssueToken&quot;
           mep=&quot;http://www.w3.org/2006/01/wsdl/in-out&quot;&gt;
    &lt;messageReceiver class=&quot;org.apache.rahas.STSMessageReceiver&quot;/&gt;

    &lt;!-- Action mapping to accept RST requests --&gt;
    &lt;actionMapping&gt;http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT&lt;/actionMapping&gt;
    &lt;actionMapping&gt;http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue&lt;/actionMapping&gt;
    &lt;actionMapping&gt;http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Renew&lt;/actionMapping&gt;
    &lt;actionMapping&gt;http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Cancel&lt;/actionMapping&gt;
    &lt;actionMapping&gt;http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel&lt;/actionMapping&gt;
    &lt;actionMapping&gt;http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Validate&lt;/actionMapping&gt;

    &lt;parameter name=&quot;token-dispatcher-configuration&quot;&gt;
        &lt;token-dispatcher-configuration&gt;
            &lt;!-- Issuers. You may have many issuers. --&gt;
            &lt;issuer class=&quot;org.custom.MyIssuer&quot; default=&quot;true&quot;&gt;
                &lt;configuration type=&quot;parameter&quot;&gt;saml-issuer-config&lt;/configuration&gt;
                &lt;tokenType&gt;http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1&lt;/tokenType&gt;
            &lt;/issuer&gt;
        &lt;/token-dispatcher-configuration&gt;
    &lt;/parameter&gt;
&lt;/operation&gt;
</pre></div>
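<p>An added example, not part of the Rampart documentation or code base: the class named in the <tt>issuer</tt> element is the code that issues tokens for this STS, so a deployment review can audit services.xml before the archive is dropped into the repository. The function name <tt>audit_sts</tt>, the <tt>service</tt> wrapper around the fragment, and the checks themselves (issuer allowlist, exactly one default issuer, referenced configuration parameter defined in the same file) are assumptions of this example, not rules stated on this page.</p>

```python
import xml.etree.ElementTree as ET
STS_RECEIVER = "org.apache.rahas.STSMessageReceiver"
RST = "http://schemas.xmlsoap.org/ws/2005/02/trust/RST/"
SAML11 = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
# Constructed sample: the fragment from this page inside a <service> wrapper
# (wrapper and service name are assumptions), trimmed to two action mappings.
SAMPLE = f"""<service name="STS">
 <module ref="rampart"/>
 <operation name="IssueToken" mep="http://www.w3.org/2006/01/wsdl/in-out">
  <messageReceiver class="{STS_RECEIVER}"/>
  <actionMapping>{RST}Issue</actionMapping>
  <actionMapping>{RST}SCT/Cancel</actionMapping>
  <parameter name="token-dispatcher-configuration">
   <token-dispatcher-configuration>
    <issuer class="org.custom.MyIssuer" default="true">
     <configuration type="parameter">saml-issuer-config</configuration>
     <tokenType>{SAML11}</tokenType>
    </issuer>
   </token-dispatcher-configuration>
  </parameter>
 </operation>
</service>"""

def audit_sts(xml_text, allowed_issuers):
    """Example review policy (an assumption, not a Rampart rule); returns (report, findings)."""
    root = ET.fromstring(xml_text)
    defined = {p.get("name") for p in root.iter("parameter")}  # parameters in this file only
    report, findings = [], []
    for op in root.iter("operation"):
        recv = op.find("messageReceiver")
        if recv is None or recv.get("class") != STS_RECEIVER:
            continue  # operation is not handled by the STS message receiver
        actions = [(a.text or "").strip().replace(RST, "") for a in op.findall("actionMapping")]
        issuers = op.findall(".//token-dispatcher-configuration/issuer")
        defaults = [i for i in issuers if i.get("default") == "true"]
        if len(defaults) != 1:
            findings.append(f"{op.get('name')}: {len(defaults)} default issuers")
        for iss in issuers:
            cls = iss.get("class")
            types = [(t.text or "").strip() for t in iss.findall("tokenType")]
            report.append((op.get("name"), cls, types, actions))
            if cls not in allowed_issuers:
                findings.append(f"issuer class not on allowlist: {cls}")
            for cfg in iss.findall("configuration"):
                name = (cfg.text or "").strip()
                if cfg.get("type") == "parameter" and name not in defined:
                    findings.append(f"{cls}: parameter '{name}' not in this file")
    return report, findings

if __name__ == "__main__":
    print(*audit_sts(SAMPLE, {"org.custom.MyIssuer"})[1], sep="\n")
```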
</div>
</div>
</div>
<div class="clear">
<hr/>
</div>
<div id="footer">
<div class="xright">
Copyright &#169; 2005&#x2013;2015
<a href="http://www.apache.org">Apache Software Foundation</a>.
All rights reserved.
</div>
<div class="clear">
<hr/>
</div>
</div>
</body>
</html>