Security Service Token Sample Guide
In this sample we will demonstrate the usage of wso2carbon-sts service and its applications.
The demonstration of this sample also uses the default Hello service as the service provider.
HOW TO BUILD AND RUN THE SAMPLE
- Setup the sample by running the given Apache Ant build. $ ant
- Start WSO2 AppServer (If you haven't already started it).
- Log into WSO2 AppServer administration console.
- Select "wso2carbon-sts" service and setup security scenario "Sign and encrypt - X509
Authentication" (scenario 5) on it.
Make sure wso2carbon.jks keystore (wso2carbon keystore) is used.
- Select "HelloService" service and copy the http service address.
Select "wso2carbon-sts" service and navigate to "STS Configuration" link
(which is under the "Specific Configuration" section of the service dashboard).
Paste/type the http endpoint address of "HelloService" service
(http://10.100.1.105:9763/services/HelloService) in
"Add new trusted service"->"Endpoint Address".
Select the wso2carbon private key's certificate alias (wso2carbon) from the drop down list.
- Select Hello Service and setup security scenario "SecureConversation - Sign and Encrypt - Service
as STS - Bootstrap policy - Sign and Encrypt , X509 Authentication" (scenario 11) on it.
Make sure wso2carbon.jks keystore (WSO2 AppServer keystore) is used.
- Import sts-sample/conf/client.cert into the wso2carbon keystore using the
WSO2 AppServer admin console.
- Run client
$ ./run-client.sh <wso2carbon-sts-http-address> <hello-service-http-address>
OR
run-client.bat <wso2carbon-sts-http-address> <hello-service-http-address>
Note : This hello service http address should be exactly the same address you
added as a trusted service in the STS configuration.