debugged IDP operation - Venice can now act as a Liberty IDP
This commit is contained in:
parent
866acd708c
commit
3be3c52161
|
@ -10,7 +10,7 @@
|
||||||
|
|
||||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIIDMDCCAu4CBD7vnjgwCwYHKoZIzjgEAwUAMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMSMwIQYDVQQKExpTaWx2ZXJ3cmlzdCBEZXNpZ24gU3R1ZGlvczEUMBIGA1UECxMLRGV2ZWxvcG1lbnQxFjAUBgNVBAMTDUVyaWMgQm93ZXJzb3gwHhcNMDMwNjE3MjMwMzIwWhcNMDMwOTE1MjMwMzIwWjB+MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ08xDzANBgNVBAcTBkRlbnZlcjEjMCEGA1UEChMaU2lsdmVyd3Jpc3QgRGVzaWduIFN0dWRpb3MxFDASBgNVBAsTC0RldmVsb3BtZW50MRYwFAYDVQQDEw1FcmljIEJvd2Vyc294MIIBtzCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYQAAoGAPY0omT9Qes0rZe0C21MetHeTwen3Er5lFgAPWMUgHkLBhdViPfnRtjtCXiiVZ/n85/Hc6yGNDkNvYVsD5CX8mo72vsXXHg5wdyMiFlHZuZFE57bE/4YDg1dtqQ3BE9NHUlxuinbdgJd8mY5uNpy69/9jrbvr5oo1p6ZMdLU3iiowCwYHKoZIzjgEAwUAAy8AMCwCFF5opeaoKbAijQc87yHBHHlONllfAhRqDQFmDitlQJ61lecv/2/tuaxIPw==</ds:X509Certificate>
|
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICjjCCAfcCBD7v+IcwDQYJKoZIhvcNAQEEBQAwgY0xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMSMwIQYDVQQKExpTaWx2ZXJ3cmlzdCBEZXNpZ24gU3R1ZGlvczEbMBkGA1UECxMSVmVuaWNlIERldmVsb3BtZW50MR4wHAYDVQQDExVWZW5pY2UgU2FtcGxlIElEUCBLZXkwHhcNMDMwNjE4MDUyODM5WhcNMDYwMzE0MDUyODM5WjCBjTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNPMQ8wDQYDVQQHEwZEZW52ZXIxIzAhBgNVBAoTGlNpbHZlcndyaXN0IERlc2lnbiBTdHVkaW9zMRswGQYDVQQLExJWZW5pY2UgRGV2ZWxvcG1lbnQxHjAcBgNVBAMTFVZlbmljZSBTYW1wbGUgSURQIEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6AFthEPxD10J7VTPD5I73NDcdFS3Lw2BUL2OD53PEMyZbQ/WMncckJ4qfbAKbrnXp2BP7w0eNsZZSutGX62q+7rh4Vt5kRt/WE4GO6XSFBn+I6vnjQmyVptZKZf0k6DJf/3Dqlt+sbZo5uaxygQS8wUXyYSLzzXcN6Y2v4Q3JtkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBwzpyl1BRw+tN1VRra//ReamI8omDaSj+kuxV2jvWxUHS5uuzuK4yKVEOXIoEgnKmoVSq5S3cacxI0g5C30pVy0zXU3VsJJhhngOPFr9G26Ko0oFz77s7Hapar9tX27+0kVh6hf4k4ume90C6QEEjEw3dPR7IgLFpN5qp25StNIw==</ds:X509Certificate>
|
||||||
</ds:X509Data>
|
</ds:X509Data>
|
||||||
</ds:KeyInfo>
|
</ds:KeyInfo>
|
||||||
|
|
||||||
|
|
|
@ -10,7 +10,7 @@
|
||||||
|
|
||||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICbjCCAdcCBD7AlmwwDQYJKoZIhvcNAQEEBQAwfjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNPMQ8wDQYDVQQHEwZEZW52ZXIxIzAhBgNVBAoTGlNpbHZlcndyaXN0IERlc2lnbiBTdHVkaW9zMRQwEgYDVQQLEwtEZXZlbG9wbWVudDEWMBQGA1UEAxMNRXJpYyBCb3dlcnNveDAeFw0wMzA1MTMwNjUzMzJaFw0wMzA4MTEwNjUzMzJaMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMSMwIQYDVQQKExpTaWx2ZXJ3cmlzdCBEZXNpZ24gU3R1ZGlvczEUMBIGA1UECxMLRGV2ZWxvcG1lbnQxFjAUBgNVBAMTDUVyaWMgQm93ZXJzb3gwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvjYZPJwt16vTVIKleltTVDyvswVr2vCd9aHg7rKPhNKN+iVS2XY+Y5IopgcVtshQx/SbWnPNldtpGtFewaSQzCud/Lhja1xoGO/nTbjRr7MrPlR3yub8KO90tgslZ9yjEPZDWDEr3Y59ieDpMtAnYjS2GQ2LFRHq63kzd4AXg1AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAVhJqkLZd59BiTjvRF0ZtBKXe+kxnvyclc0MeIzkzGFmnpMuSpSyZ3LlYp0uvFn5OADM6KkXj7DgXIqb1bqIvXmlwDds+oO3KL+WdHBO9KHW0KjR2jpIujpmJ8Eaf/cefcOxxA00CMrwBeL8EXyAaynpcT78nrT5iN3FZwMkBi9o=</ds:X509Certificate>
|
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICjDCCAfUCBD7v95MwDQYJKoZIhvcNAQEEBQAwgYwxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMSMwIQYDVQQKExpTaWx2ZXJ3cmlzdCBEZXNpZ24gU3R1ZGlvczEbMBkGA1UECxMSVmVuaWNlIERldmVsb3BtZW50MR0wGwYDVQQDExRWZW5pY2UgU2FtcGxlIFNQIEtleTAeFw0wMzA2MTgwNTI0MzVaFw0wNjAzMTQwNTI0MzVaMIGMMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ08xDzANBgNVBAcTBkRlbnZlcjEjMCEGA1UEChMaU2lsdmVyd3Jpc3QgRGVzaWduIFN0dWRpb3MxGzAZBgNVBAsTElZlbmljZSBEZXZlbG9wbWVudDEdMBsGA1UEAxMUVmVuaWNlIFNhbXBsZSBTUCBLZXkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALQjlifEIQu5mOjVdnCeWxOMgR+9T23Zse1m98eiDn/92Q7AHsrDt2HHsLsmN+8YRW+WKh7uWyGP7rYVeDNRb8pPd3f8Lh5sAEI/LtTFnu3zrU/0vXMclTV7HnbnFKYfQN9S28bQtTsFr5m12qJ4cwkCfRrVbOV+mQPPlg9YLgmzAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAOxjxzD5uILozSGnrrBWynbvNsE5lF1BejimyBlgYEAb/edxwQeRBs7mYG0jQQxkANuTlSC97p5iFMXzBhbf+GnXG9Zps+jtFM3gKvJYijiTR/nsHUIvVyv69oavZFfBwjBN0fDupJYfzX2QG7n+FEV/WRF0usaaVOPE3kHi8Vb0=</ds:X509Certificate>
|
||||||
</ds:X509Data>
|
</ds:X509Data>
|
||||||
</ds:KeyInfo>
|
</ds:KeyInfo>
|
||||||
|
|
||||||
|
|
Binary file not shown.
|
@ -2,58 +2,86 @@
|
||||||
<ProviderDirectory xmlns:lib="http://projectliberty.org/schemas/core/2002/12"
|
<ProviderDirectory xmlns:lib="http://projectliberty.org/schemas/core/2002/12"
|
||||||
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
|
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
|
||||||
xmlns="http://www.sourceid.org/schemas/sso/providers/2002/11">
|
xmlns="http://www.sourceid.org/schemas/sso/providers/2002/11">
|
||||||
<!--
|
|
||||||
Sample Identity Provider Descriptor. If this instance of SourceID-SSO is configured to
|
|
||||||
operate in the "sp" role, then the entry below describes an Identity Provider with which
|
|
||||||
we are federated. If this instance is configured to operate in the "idp" role, then the entry
|
|
||||||
below will be ignored.
|
|
||||||
-->
|
|
||||||
<lib:IDPDescriptor xmlns:lib="http://projectliberty.org/schemas/core/2002/12"
|
<lib:IDPDescriptor xmlns:lib="http://projectliberty.org/schemas/core/2002/12"
|
||||||
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<!--
|
<lib:ProviderID>Venice-SSO-IDP</lib:ProviderID>
|
||||||
Customize the following line to match the ProviderID of the remote provider; if the other
|
|
||||||
provider is SourceID-SSO, then the ProviderID below should match the <provider-id> element
|
|
||||||
in the other deployment's sourceid-sso.xml.
|
|
||||||
-->
|
|
||||||
<lib:ProviderID>SourceID-Sample-IDP</lib:ProviderID>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
The following KeyInfo represents the public key contained in the sample "sourceid.keystore"
|
|
||||||
file bundled with SourceID-SSO
|
|
||||||
-->
|
|
||||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICSjCCAbMCBD4coSAwDQYJKoZIhvcNAQEEBQAwbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93bjAeFw0wMzAxMDgyMjA3MjhaFw0wMzA0MDgyMjA3MjhaMGwxEDAOBgNVBAYTB1Vua25vd24xEDAOBgNVBAgTB1Vua25vd24xEDAOBgNVBAcTB1Vua25vd24xEDAOBgNVBAoTB1Vua25vd24xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMJhokczPBJlZe48d5oKZiX6vo7DBU5b54t9JjSHLOEZd0XK5w81BY4iX8QADMc7GyTrqDDrehfh4S5eQO89Fll50D4f6HpSI2QGtionDrj3kuET9nW9n98IzWc3eiLLH+5q3VGm04rylo4PTnJCeMYmDRqYJkWR1xQbNsrv9HHJAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAI16O969XJkYRJaTiPXMcJg8XRM9oHKqc4L6YEDXGvnQ8NfTPDuJEzKIcU8QWNnprcY+MOue+O2YvP7u9NQuKK4zDA14CcIRb8G+VMLFa2A+BYiD66yIBWsb89YNFYnvH379wGp+ankQBTdljpgFo6Bt+fXmZxB6mToBdXy0h5b8=</ds:X509Certificate>
|
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICjjCCAfcCBD7v+IcwDQYJKoZIhvcNAQEEBQAwgY0xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMSMwIQYDVQQKExpTaWx2ZXJ3cmlzdCBEZXNpZ24gU3R1ZGlvczEbMBkGA1UECxMSVmVuaWNlIERldmVsb3BtZW50MR4wHAYDVQQDExVWZW5pY2UgU2FtcGxlIElEUCBLZXkwHhcNMDMwNjE4MDUyODM5WhcNMDYwMzE0MDUyODM5WjCBjTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNPMQ8wDQYDVQQHEwZEZW52ZXIxIzAhBgNVBAoTGlNpbHZlcndyaXN0IERlc2lnbiBTdHVkaW9zMRswGQYDVQQLExJWZW5pY2UgRGV2ZWxvcG1lbnQxHjAcBgNVBAMTFVZlbmljZSBTYW1wbGUgSURQIEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6AFthEPxD10J7VTPD5I73NDcdFS3Lw2BUL2OD53PEMyZbQ/WMncckJ4qfbAKbrnXp2BP7w0eNsZZSutGX62q+7rh4Vt5kRt/WE4GO6XSFBn+I6vnjQmyVptZKZf0k6DJf/3Dqlt+sbZo5uaxygQS8wUXyYSLzzXcN6Y2v4Q3JtkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBwzpyl1BRw+tN1VRra//ReamI8omDaSj+kuxV2jvWxUHS5uuzuK4yKVEOXIoEgnKmoVSq5S3cacxI0g5C30pVy0zXU3VsJJhhngOPFr9G26Ko0oFz77s7Hapar9tX27+0kVh6hf4k4ume90C6QEEjEw3dPR7IgLFpN5qp25StNIw==</ds:X509Certificate>
|
||||||
</ds:X509Data>
|
</ds:X509Data>
|
||||||
</ds:KeyInfo>
|
</ds:KeyInfo>
|
||||||
|
|
||||||
<!--
|
<lib:SoapEndpoint>http://localhost:8080/venice-idp/sso/soap/endpoint</lib:SoapEndpoint>
|
||||||
The endpoints in the following URL's are correct for services offered by SourceID-SSO.
|
<lib:SingleLogoutServiceURL>http://localhost:8080/venice-idp/sso/logout</lib:SingleLogoutServiceURL>
|
||||||
If federating this installation with another instance of SourceID-SSO, then all you need to do
|
<lib:SingleLogoutServiceReturnURL>http://localhost:8080/venice-idp/sso/logout</lib:SingleLogoutServiceReturnURL>
|
||||||
is customize the URL's to match your deployment (e.g. replace "http://localhost:9080/sso-sample-idp"
|
<lib:FederationTerminationServiceURL>http://localhost:8080/venice-idp/sso/fedterm</lib:FederationTerminationServiceURL>
|
||||||
with your server name and servlet context).
|
<lib:FederationTerminationServiceReturnURL>http://localhost:8080/venice-idp/sso/fedterm</lib:FederationTerminationServiceReturnURL>
|
||||||
-->
|
<lib:SingleSignOnServiceURL>http://localhost:8080/venice-idp/sso/authn</lib:SingleSignOnServiceURL>
|
||||||
|
<!--
|
||||||
|
The following profile declarations indicate the variants of the Liberty Protocol which
|
||||||
|
this provider can speak.
|
||||||
|
-->
|
||||||
|
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</lib:RegisterNameIdentifierProtocolProfile>
|
||||||
|
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-soap</lib:FederationTerminationNotificationProtocolProfile>
|
||||||
|
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-http</lib:FederationTerminationNotificationProtocolProfile>
|
||||||
|
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-soap</lib:SingleLogoutProtocolProfile>
|
||||||
|
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-http</lib:SingleLogoutProtocolProfile>
|
||||||
|
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-art</lib:SingleSignOnProtocolProfile>
|
||||||
|
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-post</lib:SingleSignOnProtocolProfile>
|
||||||
|
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/wml-post</lib:SingleSignOnProtocolProfile>
|
||||||
|
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/lecp</lib:SingleSignOnProtocolProfile>
|
||||||
|
|
||||||
<lib:SoapEndpoint>http://localhost:8080/sso-sample-idp/sso/soap/endpoint</lib:SoapEndpoint>
|
|
||||||
<lib:SingleLogoutServiceURL>http://localhost:8080/sso-sample-idp/sso/logout</lib:SingleLogoutServiceURL>
|
|
||||||
<lib:SingleLogoutServiceReturnURL>http://localhost:8080/sso-sample-idp/sso/logout</lib:SingleLogoutServiceReturnURL>
|
|
||||||
<lib:FederationTerminationServiceURL>http://localhost:8080/sso-sample-idp/sso/fedterm</lib:FederationTerminationServiceURL>
|
|
||||||
<lib:FederationTerminationServiceReturnURL>http://localhost:8080/sso-sample-idp/sso/fedterm</lib:FederationTerminationServiceReturnURL>
|
|
||||||
<lib:SingleSignOnServiceURL>http://localhost:8080/sso-sample-idp/sso/authn</lib:SingleSignOnServiceURL>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
The following profile declarations indicate the variants of the Liberty Protocol which
|
|
||||||
this provider can speak.
|
|
||||||
-->
|
|
||||||
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</lib:RegisterNameIdentifierProtocolProfile>
|
|
||||||
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-soap</lib:FederationTerminationNotificationProtocolProfile>
|
|
||||||
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-http</lib:FederationTerminationNotificationProtocolProfile>
|
|
||||||
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-soap</lib:SingleLogoutProtocolProfile>
|
|
||||||
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-http</lib:SingleLogoutProtocolProfile>
|
|
||||||
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-art</lib:SingleSignOnProtocolProfile>
|
|
||||||
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-post</lib:SingleSignOnProtocolProfile>
|
|
||||||
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/wml-post</lib:SingleSignOnProtocolProfile>
|
|
||||||
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/lecp</lib:SingleSignOnProtocolProfile>
|
|
||||||
</lib:IDPDescriptor>
|
</lib:IDPDescriptor>
|
||||||
|
|
||||||
|
<!--
|
||||||
|
Sample Identity Provider Descriptor. If this instance of SourceID-SSO is configured to
|
||||||
|
operate in the "sp" role, then the entry below describes an Identity Provider with which
|
||||||
|
we are federated. If this instance is configured to operate in the "idp" role, then the entry
|
||||||
|
below will be ignored.
|
||||||
|
-->
|
||||||
|
<lib:IDPDescriptor xmlns:lib="http://projectliberty.org/schemas/core/2002/12" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
|
<!--
|
||||||
|
Customize the following line to match the ProviderID of the remote provider; if the other
|
||||||
|
provider is SourceID-SSO, then the ProviderID below should match the <provider-id> element
|
||||||
|
in the other deployment's sourceid-sso.xml.
|
||||||
|
-->
|
||||||
|
<lib:ProviderID>SourceID-Sample-IDP</lib:ProviderID>
|
||||||
|
<!--
|
||||||
|
The following KeyInfo represents the public key contained in the sample "sourceid.keystore"
|
||||||
|
file bundled with SourceID-SSO
|
||||||
|
-->
|
||||||
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
|
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
|
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICSjCCAbMCBD4coSAwDQYJKoZIhvcNAQEEBQAwbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93bjAeFw0wMzAxMDgyMjA3MjhaFw0wMzA0MDgyMjA3MjhaMGwxEDAOBgNVBAYTB1Vua25vd24xEDAOBgNVBAgTB1Vua25vd24xEDAOBgNVBAcTB1Vua25vd24xEDAOBgNVBAoTB1Vua25vd24xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMJhokczPBJlZe48d5oKZiX6vo7DBU5b54t9JjSHLOEZd0XK5w81BY4iX8QADMc7GyTrqDDrehfh4S5eQO89Fll50D4f6HpSI2QGtionDrj3kuET9nW9n98IzWc3eiLLH+5q3VGm04rylo4PTnJCeMYmDRqYJkWR1xQbNsrv9HHJAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAI16O969XJkYRJaTiPXMcJg8XRM9oHKqc4L6YEDXGvnQ8NfTPDuJEzKIcU8QWNnprcY+MOue+O2YvP7u9NQuKK4zDA14CcIRb8G+VMLFa2A+BYiD66yIBWsb89YNFYnvH379wGp+ankQBTdljpgFo6Bt+fXmZxB6mToBdXy0h5b8=</ds:X509Certificate>
|
||||||
|
</ds:X509Data>
|
||||||
|
</ds:KeyInfo>
|
||||||
|
<!--
|
||||||
|
The endpoints in the following URL's are correct for services offered by SourceID-SSO.
|
||||||
|
If federating this installation with another instance of SourceID-SSO, then all you need to do
|
||||||
|
is customize the URL's to match your deployment (e.g. replace "http://localhost:9080/sso-sample-idp"
|
||||||
|
with your server name and servlet context).
|
||||||
|
-->
|
||||||
|
<lib:SoapEndpoint>http://localhost:8080/sso-sample-idp/sso/soap/endpoint</lib:SoapEndpoint>
|
||||||
|
<lib:SingleLogoutServiceURL>http://localhost:8080/sso-sample-idp/sso/logout</lib:SingleLogoutServiceURL>
|
||||||
|
<lib:SingleLogoutServiceReturnURL>http://localhost:8080/sso-sample-idp/sso/logout</lib:SingleLogoutServiceReturnURL>
|
||||||
|
<lib:FederationTerminationServiceURL>http://localhost:8080/sso-sample-idp/sso/fedterm</lib:FederationTerminationServiceURL>
|
||||||
|
<lib:FederationTerminationServiceReturnURL>http://localhost:8080/sso-sample-idp/sso/fedterm</lib:FederationTerminationServiceReturnURL>
|
||||||
|
<lib:SingleSignOnServiceURL>http://localhost:8080/sso-sample-idp/sso/authn</lib:SingleSignOnServiceURL>
|
||||||
|
<!--
|
||||||
|
The following profile declarations indicate the variants of the Liberty Protocol which
|
||||||
|
this provider can speak.
|
||||||
|
-->
|
||||||
|
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</lib:RegisterNameIdentifierProtocolProfile>
|
||||||
|
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-soap</lib:FederationTerminationNotificationProtocolProfile>
|
||||||
|
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-http</lib:FederationTerminationNotificationProtocolProfile>
|
||||||
|
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-soap</lib:SingleLogoutProtocolProfile>
|
||||||
|
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-http</lib:SingleLogoutProtocolProfile>
|
||||||
|
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-art</lib:SingleSignOnProtocolProfile>
|
||||||
|
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-post</lib:SingleSignOnProtocolProfile>
|
||||||
|
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/wml-post</lib:SingleSignOnProtocolProfile>
|
||||||
|
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/lecp</lib:SingleSignOnProtocolProfile>
|
||||||
|
</lib:IDPDescriptor>
|
||||||
|
|
||||||
</ProviderDirectory>
|
</ProviderDirectory>
|
||||||
|
|
|
@ -10,7 +10,7 @@
|
||||||
|
|
||||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICbjCCAdcCBD7AlmwwDQYJKoZIhvcNAQEEBQAwfjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNPMQ8wDQYDVQQHEwZEZW52ZXIxIzAhBgNVBAoTGlNpbHZlcndyaXN0IERlc2lnbiBTdHVkaW9zMRQwEgYDVQQLEwtEZXZlbG9wbWVudDEWMBQGA1UEAxMNRXJpYyBCb3dlcnNveDAeFw0wMzA1MTMwNjUzMzJaFw0wMzA4MTEwNjUzMzJaMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMSMwIQYDVQQKExpTaWx2ZXJ3cmlzdCBEZXNpZ24gU3R1ZGlvczEUMBIGA1UECxMLRGV2ZWxvcG1lbnQxFjAUBgNVBAMTDUVyaWMgQm93ZXJzb3gwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvjYZPJwt16vTVIKleltTVDyvswVr2vCd9aHg7rKPhNKN+iVS2XY+Y5IopgcVtshQx/SbWnPNldtpGtFewaSQzCud/Lhja1xoGO/nTbjRr7MrPlR3yub8KO90tgslZ9yjEPZDWDEr3Y59ieDpMtAnYjS2GQ2LFRHq63kzd4AXg1AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAVhJqkLZd59BiTjvRF0ZtBKXe+kxnvyclc0MeIzkzGFmnpMuSpSyZ3LlYp0uvFn5OADM6KkXj7DgXIqb1bqIvXmlwDds+oO3KL+WdHBO9KHW0KjR2jpIujpmJ8Eaf/cefcOxxA00CMrwBeL8EXyAaynpcT78nrT5iN3FZwMkBi9o=</ds:X509Certificate>
|
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICjDCCAfUCBD7v95MwDQYJKoZIhvcNAQEEBQAwgYwxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMSMwIQYDVQQKExpTaWx2ZXJ3cmlzdCBEZXNpZ24gU3R1ZGlvczEbMBkGA1UECxMSVmVuaWNlIERldmVsb3BtZW50MR0wGwYDVQQDExRWZW5pY2UgU2FtcGxlIFNQIEtleTAeFw0wMzA2MTgwNTI0MzVaFw0wNjAzMTQwNTI0MzVaMIGMMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ08xDzANBgNVBAcTBkRlbnZlcjEjMCEGA1UEChMaU2lsdmVyd3Jpc3QgRGVzaWduIFN0dWRpb3MxGzAZBgNVBAsTElZlbmljZSBEZXZlbG9wbWVudDEdMBsGA1UEAxMUVmVuaWNlIFNhbXBsZSBTUCBLZXkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALQjlifEIQu5mOjVdnCeWxOMgR+9T23Zse1m98eiDn/92Q7AHsrDt2HHsLsmN+8YRW+WKh7uWyGP7rYVeDNRb8pPd3f8Lh5sAEI/LtTFnu3zrU/0vXMclTV7HnbnFKYfQN9S28bQtTsFr5m12qJ4cwkCfRrVbOV+mQPPlg9YLgmzAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAOxjxzD5uILozSGnrrBWynbvNsE5lF1BejimyBlgYEAb/edxwQeRBs7mYG0jQQxkANuTlSC97p5iFMXzBhbf+GnXG9Zps+jtFM3gKvJYijiTR/nsHUIvVyv69oavZFfBwjBN0fDupJYfzX2QG7n+FEV/WRF0usaaVOPE3kHi8Vb0=</ds:X509Certificate>
|
||||||
</ds:X509Data>
|
</ds:X509Data>
|
||||||
</ds:KeyInfo>
|
</ds:KeyInfo>
|
||||||
|
|
||||||
|
|
Binary file not shown.
|
@ -173,7 +173,8 @@ public abstract class ServletBase extends HttpServlet implements WebConstants
|
||||||
SingleNamespaceObjectProvider objp = new SingleNamespaceObjectProvider("__internal__","RequestServices",base_objp);
|
SingleNamespaceObjectProvider objp = new SingleNamespaceObjectProvider("__internal__","RequestServices",base_objp);
|
||||||
objp.setObject("application",getServletContext());
|
objp.setObject("application",getServletContext());
|
||||||
objp.setObject("request",req);
|
objp.setObject("request",req);
|
||||||
objp.setObject("response",resp);
|
if (resp!=null)
|
||||||
|
objp.setObject("response",resp);
|
||||||
return new SingletonServiceProvider("RequestServices",svc,ObjectProvider.class,objp);
|
return new SingletonServiceProvider("RequestServices",svc,ObjectProvider.class,objp);
|
||||||
|
|
||||||
} // end createRequestServices
|
} // end createRequestServices
|
||||||
|
|
Loading…
Reference in New Issue
Block a user