<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 2.0.0 from src/site/xdoc/setting-up-sts.xml at 01 Dec 2024
| Rendered using Apache Maven Fluido Skin 2.0.0-M11
-->
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name="generator" content="Apache Maven Doxia Site Renderer 2.0.0" />
<title>Setting up a Security Token Service – Apache Rampart</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-2.0.0-M11.min.css" />
<link rel="stylesheet" href="./css/site.css" />
<link rel="stylesheet" href="./css/print.css" media="print" />
<script src="./js/apache-maven-fluido-2.0.0-M11.min.js"></script>
</head>
<body>
<div class="container-fluid container-fluid-top">
<header>
<div id="banner">
<div class="pull-left"><div id="bannerLeft"><h1><img class="class java.lang.Object" src="images/apache-rampart-logo.jpg" /></h1></div></div>
<div class="pull-right"><div id="bannerRight"><h1><a href="http://www.apache.org"><img class="class java.lang.Object" src="http://www.apache.org/images/asf_logo_wide.png" /></a></h1></div></div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li id="publishDate">Last Published: 01 Dec 2024<span class="divider">|</span>
</li>
<li id="projectVersion">Version: 1.8.0</li>
<li class="pull-right"><a href="../core/">Apache Axis2/Java</a></li>
</ul>
</div>
</header>
<div class="row-fluid">
<main id="bodyColumn" class="span10">
<section><a id="Setting_up_a_Security_Token_Service"></a>
<h1>Setting up a Security Token Service</h1>
<section><section><a id="Setting_up_a_Security_Token_Service_1"></a>
<p>A Security Token Service (STS) can be set up as per the WS-Trust specification using Rampart. The default security token service shipped with the Rampart distribution is contained in the rampart-trust.mar module. It can issue SCT tokens and SAML tokens. Sample05 contains a client that connects to the default STS and obtains a SAML token. The services.xml in the sample contains the &quot;saml-issuer-config&quot; parameter, which is used to configure the default SAML issuer.</p>
<strong>STS with a custom issuer</strong>
<p>First, the default rampart.mar has to be removed from the modules. Then write your own issuer implementing the <code>&quot;org.apache.rahas.TokenIssuer&quot;</code> interface. Let's say that your issuer is <code>&quot;org.custom.MyIssuer&quot;</code>. Then create an Axis2 service archive with the following in the services.xml. Drop the archive into the repository and you have an STS with a custom token issuer.</p>
<pre>
&lt;!-- Fragment of services.xml; these elements go inside the service element --&gt;
&lt;module ref=&quot;rampart&quot; /&gt;
&lt;operation name=&quot;IssueToken&quot;
           mep=&quot;http://www.w3.org/ns/wsdl/in-out&quot;&gt;
    &lt;messageReceiver
        class=&quot;org.apache.rahas.STSMessageReceiver&quot;/&gt;
    &lt;!-- Action mapping to accept RST requests --&gt;
    &lt;actionMapping&gt;http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT&lt;/actionMapping&gt;
    &lt;actionMapping&gt;http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue&lt;/actionMapping&gt;
    &lt;actionMapping&gt;http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Renew&lt;/actionMapping&gt;
    &lt;actionMapping&gt;http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Cancel&lt;/actionMapping&gt;
    &lt;actionMapping&gt;http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel&lt;/actionMapping&gt;
    &lt;actionMapping&gt;http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Validate&lt;/actionMapping&gt;
    &lt;parameter name=&quot;token-dispatcher-configuration&quot;&gt;
        &lt;token-dispatcher-configuration&gt;
            &lt;!-- Issuers. You may have many issuers. --&gt;
            &lt;issuer class=&quot;org.custom.MyIssuer&quot; default=&quot;true&quot;&gt;
                &lt;configuration
                    type=&quot;parameter&quot;&gt;saml-issuer-config&lt;/configuration&gt;
                &lt;tokenType&gt;http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1&lt;/tokenType&gt;
            &lt;/issuer&gt;
        &lt;/token-dispatcher-configuration&gt;
    &lt;/parameter&gt;
&lt;/operation&gt;
</pre>
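<p>A pre-deployment check for the dispatcher configuration above, as an added example that is not part of Rampart or of the original page. The service name <code>ExampleSTS</code> and the function <code>lint_sts_config</code> are hypothetical. The check assumes that exactly one issuer is marked as the default and that a <code>type=&quot;parameter&quot;</code> configuration names a parameter defined in the same services.xml, as in Sample05.</p>

```python
import xml.etree.ElementTree as ET

# Constructed sample: the page's fragment wrapped in a <service> element
# (hypothetical service name). It defines no saml-issuer-config parameter.
SAMPLE = """<service name="ExampleSTS">
  <module ref="rampart"/>
  <operation name="IssueToken" mep="http://www.w3.org/ns/wsdl/in-out">
    <messageReceiver class="org.apache.rahas.STSMessageReceiver"/>
    <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</actionMapping>
    <parameter name="token-dispatcher-configuration">
      <token-dispatcher-configuration>
        <issuer class="org.custom.MyIssuer" default="true">
          <configuration type="parameter">saml-issuer-config</configuration>
          <tokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</tokenType>
        </issuer>
      </token-dispatcher-configuration>
    </parameter>
  </operation>
</service>"""

def lint_sts_config(services_xml):
    """Return a list of findings for the STS token-dispatcher configuration."""
    root = ET.fromstring(services_xml)
    findings = []
    # Every <parameter name="..."> in the file is a possible reference target.
    params = {p.get("name") for p in root.iter("parameter")}
    issuers = list(root.iter("issuer"))
    # Assumption of this check: exactly one issuer carries default="true".
    defaults = [i for i in issuers if i.get("default") == "true"]
    if len(defaults) != 1:
        findings.append("expected exactly one default issuer, found %d" % len(defaults))
    seen_types = {}
    for issuer in issuers:
        cls = (issuer.get("class") or "").strip()
        if not cls:
            findings.append("issuer without a class attribute")
        for conf in issuer.iter("configuration"):
            ref = (conf.text or "").strip()
            if conf.get("type") == "parameter" and ref not in params:
                findings.append("%s: configuration parameter '%s' is not defined" % (cls, ref))
        for tt in issuer.iter("tokenType"):
            uri = (tt.text or "").strip()
            if uri in seen_types:
                findings.append("tokenType %s claimed by both %s and %s" % (uri, seen_types[uri], cls))
            seen_types[uri] = cls
    return findings

if __name__ == "__main__":
    for finding in lint_sts_config(SAMPLE):
        print("FINDING:", finding)
```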
</section></section>
</main>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p>© 2005–2024
<a href="http://www.apache.org">Apache Software Foundation</a>
</p>
</div>
</div>
</footer>
</body>
</html>