4 Replies Latest reply on Nov 7, 2014 2:04 PM by pcraveiro

    wildfly and picketlink

    virchete

      Hi,

      I am configuring Picketlink in wildfly.  I am using this doc for the setup:

       

      WildFly Configuration - PicketLink - Project Documentation Editor

       

      It is configured using an IDPFilter and a security domain:

       

      <security-domain name="overlord-idp" cache-type="default">
        <authentication>
          <login-module code="RealmDirect" flag="required">
            <module-option name="password-stacking" value="useFirstPass"/>
          </login-module>
        </authentication>
      </security-domain>

       

      The IDPFilter is not working. It is expecting parameters in the HTTP request: SAMLRequest and SAMLPassword, and in the request that is coming in, there are no parameters.

        • 1. Re: wildfly and picketlink
          virchete

          This is the current exception I am managing, after adding the IDPServletExtension as a service:

           

          on in service jboss.undertow.deployment.default-server.default-host./overlord-idp: Failed to start service
              at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1904) [jboss-msc-1.2.2.Final.jar:1.2.2.Final]
              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_55]
              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_55]
              at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_55]
          Caused by: java.util.ServiceConfigurationError: io.undertow.servlet.ServletExtension: Provider org.picketlink.identity.federation.bindings.wildfly.idp.IDPServletExtension could not be instantiated
              at java.util.ServiceLoader.fail(ServiceLoader.java:224) [rt.jar:1.7.0_55]
              at java.util.ServiceLoader.access$100(ServiceLoader.java:181) [rt.jar:1.7.0_55]
              at java.util.ServiceLoader$LazyIterator.next(ServiceLoader.java:377) [rt.jar:1.7.0_55]
              at java.util.ServiceLoader$1.next(ServiceLoader.java:445) [rt.jar:1.7.0_55]
              at io.undertow.servlet.core.DeploymentManagerImpl.handleExtensions(DeploymentManagerImpl.java:238)
              at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:149)
              at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:87)
              at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.start(UndertowDeploymentService.java:72)
              at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) [jboss-msc-1.2.2.Final.jar:1.2.2.Final]
              at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) [jboss-msc-1.2.2.Final.jar:1.2.2.Final]
              ... 3 more
          Caused by: java.lang.InstantiationException: org.picketlink.identity.federation.bindings.wildfly.idp.IDPServletExtension
              at java.lang.Class.newInstance(Class.java:359) [rt.jar:1.7.0_55]
              at java.util.ServiceLoader$LazyIterator.next(ServiceLoader.java:373) [rt.jar:1.7.0_55]
              ... 10 more

          • 2. Re: wildfly and picketlink
            virchete

            Solved this issue by creating a new class that extends IDPServletExtension. The reason is that IDPServletExtension does not have a default empty constructor.

            But the same problem remains. I do not know how to make Single Sign-On work using PicketLink and IDP.

            If it helps, here are the files used:

             

            Picketlink.xml: https://gist.github.com/dvirgiln/756cd9a988faeeac761f

            jboss-deployment-structure.xml : https://gist.github.com/dvirgiln/85e4323db030951e8063

            jboss-web.xml gist:7794a87661ae3b760b1d

            web.xml : gist:1d88a0ae6c814b0713f4
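
Added example (not part of the original thread, and not PicketLink or Undertow code): a stand-alone reproduction of the `ServiceConfigurationError` from reply 1 and of the subclass workaround from reply 2. All types are hypothetical stand-ins, and the constructor shape given to the stand-in provider is an assumption.

```java
import java.io.IOException;
import java.net.URL;
import java.net.URLClassLoader;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Iterator;
import java.util.ServiceConfigurationError;
import java.util.ServiceLoader;

// Every type below is a hypothetical stand-in, not PicketLink or Undertow code.
public class ServiceLoaderCtorDemo {
    // Plays the role of io.undertow.servlet.ServletExtension.
    public interface Extension { String describe(); }

    // Provider whose only constructor takes an argument (assumed shape).
    public static class ArgsOnlyExtension implements Extension {
        private final String config;
        public ArgsOnlyExtension(String config) { this.config = config; }
        public String describe() { return "extension(" + config + ")"; }
    }

    // Workaround from the thread: a subclass with a public no-arg constructor.
    public static class NoArgExtension extends ArgsOnlyExtension {
        public NoArgExtension() { super("default"); }
    }

    // Registers one provider under META-INF/services in a temp dir, then loads it.
    static String load(Class<?> provider) throws IOException {
        Path root = Files.createTempDirectory("spi");
        Path services = Files.createDirectories(root.resolve("META-INF/services"));
        Files.write(services.resolve(Extension.class.getName()),
                provider.getName().getBytes(StandardCharsets.UTF_8));
        try (URLClassLoader cl = new URLClassLoader(new URL[] { root.toUri().toURL() },
                ServiceLoaderCtorDemo.class.getClassLoader())) {
            Iterator<Extension> it = ServiceLoader.load(Extension.class, cl).iterator();
            return it.next().describe();
        } catch (ServiceConfigurationError e) {
            // ServiceLoader needs a public no-arg constructor to instantiate a provider.
            return "ServiceConfigurationError: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws IOException {
        System.out.println(load(ArgsOnlyExtension.class)); // fails to instantiate
        System.out.println(load(NoArgExtension.class));    // loads and runs
    }
}
```

The registered name in the `META-INF/services` file has to be the subclass, since that is the class `ServiceLoader` instantiates.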

            • 3. Re: wildfly and picketlink
              virchete

              I added a class service of IDPServletExtension, like it is done for the SPServletExtension.

               

              But the same problem remains. I do not know how to make Single Sign-On work using PicketLink and IDP.

              If it helps, here are the files used:

               

              Picketlink.xml: https://gist.github.com/dvirgiln/756cd9a988faeeac761f

              jboss-deployment-structure.xml : https://gist.github.com/dvirgiln/85e4323db030951e8063

              jboss-web.xml gist:7794a87661ae3b760b1d

              web.xml : gist:1d88a0ae6c814b0713f4

              • 4. Re: wildfly and picketlink
                pcraveiro

                Hi,

                Did you have a chance to look at the PicketLink Quickstarts repository [1]? The SAML examples provide all the configuration for both EAP and WildFly.

                 

                [1] jboss-developer/jboss-picketlink-quickstarts · GitHub