Security Service Token Sample Guide

In this sample we will demonstrate the usage of wso2carbon-sts service and its applications. The demonstration of this sample also uses the default Hello service as the service provider.

HOW TO BUILD AND RUN THE SAMPLE

  1. Setup the sample by running the given Apache Ant build. $ ant
  2. Start WSO2 AppServer (If you haven't already started it).
  3. Log into WSO2 AppServer administration console.
  4. Select "wso2carbon-sts" service and setup security scenario "Sign and encrypt - X509 Authentication" (scenario 5) on it. Make sure wso2carbon.jks keystore (wso2carbon keystore) is used.
  5. Select "HelloService" service and copy the http service address. Select "wso2carbon-sts" service and navigate to "STS Configuration" link (which is under the "Specific Configuration" section of the service dashboard). Paste/type the http endpoint address of "HelloService" service (http://10.100.1.105:9763/services/HelloService) in "Add new trusted service"->"Endpoint Address". Select the wso2carbon private key's certificate alias (wso2carbon) from the drop down list.
  6. Select Hello Service and setup security scenario "SecureConversation - Sign and Encrypt - Service as STS - Bootstrap policy - Sign and Encrypt , X509 Authentication" (scenario 11) on it. Make sure wso2carbon.jks keystore (WSO2 AppServer keystore) is used.
  7. Import sts-sample/conf/client.cert into the wso2carbon keystore using the WSO2 AppServer admin console.
  8. Run client $ ./run-client.sh <wso2carbon-sts-http-address> <hello-service-http-address> OR run-client.bat <wso2carbon-sts-http-address> <hello-service-http-address>
    Note : This hello service http address should be exactly the same address you added as a trusted service in the STS configuration.