How to implement IDP (SSO) with Picketlink 2.5 using JSF login page
Hi All,
Thanks for reading my articles...
This article continues the PicketLink SSO implementation from my last post:
"How to Implement SSO using Picketlink 2.5, SEAM 2.x and JBoss AS/Wildfly" (2015-03-11)
You need the project built by following the post linked above before applying the changes here...
So let's do it:
Start from the IDP implementation in my last article...
The login.jsp will be replaced by login.xhtml, and a few revisions to the configuration files are necessary...
pom.xml
<dependency>
    <groupId>org.jboss.spec.javax.faces</groupId>
    <artifactId>jboss-jsf-api_2.1_spec</artifactId>
    <scope>provided</scope>
</dependency>
1 - login.xhtml
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:h="http://java.sun.com/jsf/html"
      xmlns:f="http://java.sun.com/jsf/core"
      xmlns:ui="http://java.sun.com/jsf/facelets">
<h:head>
    <title>
        <ui:insert name="title">IDP Picketlink SAML Identity Provider JSF 2.0</ui:insert>
    </title>
</h:head>
<body>
    <!-- Plain HTML form posting to the container's j_security_check (FORM auth);
         the JSF inputs render with the ids j_username / j_password the container expects -->
    <form id="login_form" name="login_form"
          action="j_security_check" method="post"
          enctype="application/x-www-form-urlencoded">
        <p>
            <b>IDP - JSF Login - PicketLink 2.5</b>
        </p>
        <p>Please login to proceed...</p>
        <div style="margin-left: 15px;">
            <p>
                <h:outputLabel for="j_username" value="Username"></h:outputLabel>
                <br />
                <h:inputText id="j_username" size="20" />
            </p>
            <p>
                <h:outputLabel for="j_password" value="Password"></h:outputLabel>
                <br />
                <h:inputSecret id="j_password" size="20"/>
            </p>
            <input type="submit" value="login" />
        </div>
    </form>
</body>
</html>
2 - /WEB-INF/web.xml
...
<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
...
<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>PicketLink IDP JSF Application</realm-name>
    <form-login-config>
        <form-login-page>/login.xhtml</form-login-page>
        <form-error-page>/login.xhtml</form-error-page>
    </form-login-config>
</login-config>
3 - /WEB-INF/picketlink.xml
<PicketLink xmlns="urn:picketlink:identity-federation:config:2.1">
    <PicketLinkIDP xmlns="urn:picketlink:identity-federation:config:2.1"
                   ServerEnvironment="tomcat" BindingType="REDIRECT" RelayState="someURL">
        <IdentityURL>${idp.url::http://localhost:9080/idp-jsf/}</IdentityURL>
        <!-- Only service providers on these hosts are trusted by the IDP -->
        <Trust>
            <Domains>localhost</Domains>
        </Trust>
    </PicketLinkIDP>
    <Handlers xmlns="urn:picketlink:identity-federation:handler:config:2.1">
        <Handler
            class="org.picketlink.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler" />
        <Handler
            class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler" />
        <Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler">
            <Option Key="CLOCK_SKEW_MILIS" Value="30000"/>
        </Handler>
        <Handler
            class="org.picketlink.identity.federation.web.handlers.saml2.RolesGenerationHandler" />
    </Handlers>
    <PicketLinkSTS xmlns="urn:picketlink:identity-federation:config:2.1" TokenTimeout="5000" ClockSkew="0">
        <TokenProviders>
            <TokenProvider
                ProviderClass="org.picketlink.identity.federation.core.saml.v1.providers.SAML11AssertionTokenProvider"
                TokenType="urn:oasis:names:tc:SAML:1.0:assertion"
                TokenElement="Assertion" TokenElementNS="urn:oasis:names:tc:SAML:1.0:assertion" />
            <TokenProvider
                ProviderClass="org.picketlink.identity.federation.core.saml.v2.providers.SAML20AssertionTokenProvider"
                TokenType="urn:oasis:names:tc:SAML:2.0:assertion"
                TokenElement="Assertion" TokenElementNS="urn:oasis:names:tc:SAML:2.0:assertion" />
        </TokenProviders>
    </PicketLinkSTS>
</PicketLink>
Or just replace the ${idp.url} property inside picketlink.xml, as described in my last article.
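The picketlink.xml above is where the IDP decides which service providers it trusts and how long its assertions stay valid, so it is worth checking before deployment. The following audit script is an added example, not code from the article or from PicketLink: it parses the IDP section with the two namespaces used above and flags an empty or wildcard Trust/Domains list, a missing SAML2IssuerTrustHandler (without it the Domains list is not enforced), a large CLOCK_SKEW_MILIS, and a TokenTimeout above a threshold. The thresholds and the assumption that TokenTimeout is expressed in seconds are this example's own.

```python
import xml.etree.ElementTree as ET

NS_CFG = "urn:picketlink:identity-federation:config:2.1"
NS_HDL = "urn:picketlink:identity-federation:handler:config:2.1"
ISSUER_TRUST = "org.picketlink.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler"

# Constructed sample: the article's picketlink.xml, trimmed to the elements this audit reads.
SAMPLE_PICKETLINK_XML = """<PicketLink xmlns="urn:picketlink:identity-federation:config:2.1">
  <PicketLinkIDP xmlns="urn:picketlink:identity-federation:config:2.1"
      ServerEnvironment="tomcat" BindingType="REDIRECT" RelayState="someURL">
    <IdentityURL>${idp.url::http://localhost:9080/idp-jsf/}</IdentityURL>
    <Trust><Domains>localhost</Domains></Trust>
  </PicketLinkIDP>
  <Handlers xmlns="urn:picketlink:identity-federation:handler:config:2.1">
    <Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler"/>
    <Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler">
      <Option Key="CLOCK_SKEW_MILIS" Value="30000"/>
    </Handler>
  </Handlers>
  <PicketLinkSTS xmlns="urn:picketlink:identity-federation:config:2.1" TokenTimeout="5000" ClockSkew="0"/>
</PicketLink>"""


def audit_picketlink_idp(xml_text, max_token_timeout=3600, max_skew_millis=300000):
    """Return a list of findings (strings) for a PicketLink IDP configuration."""
    root = ET.fromstring(xml_text)
    findings = []
    idp = root.find(f"{{{NS_CFG}}}PicketLinkIDP")
    if idp is None:
        return ["no PicketLinkIDP element: this is not an IDP configuration"]
    # Trust/Domains is the allow-list of service-provider hosts (comma separated).
    dom_el = idp.find(f"{{{NS_CFG}}}Trust/{{{NS_CFG}}}Domains")
    text = dom_el.text if dom_el is not None and dom_el.text else ""
    domains = [d.strip() for d in text.split(",") if d.strip()]
    if not domains:
        findings.append("Trust/Domains is empty: no service provider host is trusted")
    if "*" in domains:  # conservative lint rule of this example, not a PicketLink feature claim
        findings.append("Trust/Domains contains '*': review whether every host should be trusted")
    # The Domains list is only checked when SAML2IssuerTrustHandler is in the handler chain.
    handlers = [h.get("class") for h in root.iter(f"{{{NS_HDL}}}Handler")]
    if ISSUER_TRUST not in handlers:
        findings.append("SAML2IssuerTrustHandler missing: Trust/Domains is not enforced")
    # Clock-skew tolerance widens the window in which an assertion is accepted.
    for opt in root.iter(f"{{{NS_HDL}}}Option"):
        if opt.get("Key") == "CLOCK_SKEW_MILIS" and int(opt.get("Value", "0")) > max_skew_millis:
            findings.append(f"CLOCK_SKEW_MILIS={opt.get('Value')} exceeds {max_skew_millis} ms")
    # STS token lifetime (assumed to be in seconds here) bounds how long an assertion stays valid.
    sts = root.find(f"{{{NS_CFG}}}PicketLinkSTS")
    if sts is not None and int(sts.get("TokenTimeout", "0")) > max_token_timeout:
        findings.append(f"TokenTimeout={sts.get('TokenTimeout')} exceeds {max_token_timeout}")
    return findings


if __name__ == "__main__":
    for finding in audit_picketlink_idp(SAMPLE_PICKETLINK_XML) or ["no findings"]:
        print(finding)
```

Run against the article's own configuration the only finding is the 5000 TokenTimeout; replacing the handler list or the Domains value shows the other checks firing.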
4 - /WEB-INF/jboss-web.xml
<jboss-web>
    <context-root>idp-jsf</context-root>
    <security-domain>idp</security-domain>
    <valve>
        <class-name>org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve</class-name>
    </valve>
</jboss-web>
That's it...