Here is a description of how to use the xmldap relyingparty with Sun's GlassFish application server. It works like a charm.
1) Download GlassFish
http://www.java.net/download/javaee5/v2ur1/promoted/SunOS/glassfish-installer-v2ur1-b09d-sunos-ml.jar
2) Run the installer/unpacker
java -Xmx256m -jar glassfish-installer-v2ur1-b09d-windows-ml.jar
3)
cd glassfish
lib\ant\bin\ant -f setup.xml
4) Add D:\Programme\glassfish\bin to the PATH variable
echo %PATH%
OK
5) Started glassfish
asadmin start-domain domain1
Verified this by using Firefox on
https://w4de3esy0069028.gdc-bln01.t-systems.com:8181/
6) stop glassfish
asadmin stop-domain domain1
7) edit websrc/xmldap_rp/WEB-INF/rp.properties
keystore=D:\\Programme\\glassfish\\domains\\domain1\\config\\keystore.jks
keystore-password=changeit
key=s1as
key-password=changeit
privacyStatement.text/plain=/WEB-INF/privacy.txt
privacyStatement.text/html=/WEB-INF/privacy.html
privacyStatement.text/pdf=/WEB-INF/privacy.pdf
requiredClaims=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
optionalClaims=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth http://schemas.xmlsoap.org/ws/2005/05/identity/claims/gender
8)
cd openinfocard/ant; ant;
9)
cp ../build/xmldap.org/relyingparty.war /cygdrive/d/Programme/glassfish/domains/domain1/autodeploy/
10) Start glassfish again
asadmin start-domain domain1
11) Use Firefox to open
https://w4de3esy0069028.gdc-bln01.t-systems.com:8181/relyingparty/
looks like the xmldap relyingparty. Fine.
12) log in using dottie's information card
The openinfocard id selector version is 0.9.9.20080118
Valid Signature: true
Valid Conditions: true
Confirmation method: urn:oasis:names:tc:SAML:1.0:cm:bearer
Audience is restricted to: https://w4de3esy0069028.gdc-bln01.t-systems.com:8181/relyingparty/
No Certificate in Token
You provided the following claims:
givenname: Dorothy Mae
surname: Murphy Mortimore
privatepersonalidentifier: TFJmTjJIUlVyNG8yTGR3NmQySHp1Y3JOU0VHYit5NXErTDNZQkdRZk40ST0=
Your user agent is
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11
The java version is jdk1.6.0_04.
Enjoy.
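A check that can be run on rp.properties from step 7 before building the war in step 8. This is an added example, not part of the original post or of the openinfocard code: it flags the default GlassFish keystore password and claim URIs that do not parse. The function names, the list of expected keys and the lowercase-only claim name pattern are assumptions based on the file shown in step 7, and the sample input is constructed.

```python
import re

# Claim namespace used by every URI in the rp.properties of step 7.
CLAIM_NS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
# Keys set in step 7; treating them as mandatory is an assumption.
EXPECTED_KEYS = ("keystore", "keystore-password", "key", "key-password", "requiredClaims")

def parse_properties(text):
    """Minimal key=value parser (no line continuations), enough for this file."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!":
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def lint_rp_properties(text):
    """Return a list of findings; an empty list means nothing was flagged."""
    props = parse_properties(text)
    findings = [f"missing key: {k}" for k in EXPECTED_KEYS if k not in props]
    for key in ("keystore-password", "key-password"):
        if props.get(key) == "changeit":  # GlassFish's default keystore password
            findings.append(f"{key} is the default 'changeit'")
    for key in ("requiredClaims", "optionalClaims"):
        for uri in props.get(key, "").split():
            # Assumption: claim names are lowercase letters only, as in step 7.
            name = uri[len(CLAIM_NS):] if uri.startswith(CLAIM_NS) else ""
            if not re.fullmatch(r"[a-z]+", name):
                findings.append(f"{key}: malformed claim URI {uri!r}")
    return findings

# Constructed sample: default passwords, a lost line break before
# optionalClaims, and a claim URI missing its leading "h".
SAMPLE = r"""
keystore=D:\\Programme\\glassfish\\domains\\domain1\\config\\keystore.jks
keystore-password=changeit
key=s1as
key-password=changeit
requiredClaims=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surnameoptionalClaims=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality ttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/country
"""

if __name__ == "__main__":
    for finding in lint_rp_properties(SAMPLE):
        print(finding)
```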