1 2 Previous Next 23 Replies Latest reply: Nov 30, 2011 1:58 PM by Derrick Sutherland RSS

PicketLink v2  Builds

Anil Saldhana Master

Disclaimer:  These builds are work in progress.  Please do not think they are stable.

 

I am going to use this discussion thread for testing out the PL2 builds. 

 

To test in JBoss AS, 

 

1) Please create a new server distribution called pl

cp -R default pl

 

2) Just unzip the zip in the deploy folder /server/pl/deploy

 

3) Start the JBAS server

./run.sh -c pl

run -c pl

 

File attachments: 12 march 2012

 

Advanced Users

The workspaces are here: 

The federation trunk workspace:

http://anonsvn.jboss.org/repos/picketlink/federation/trunk/

 

The trust workspace:

http://anonsvn.jboss.org/repos/picketlink/trust/trunk/

 

First you have to get the federation workspace building correctly for the trust workspace to build. The trust workspace depends on the federation workspace artifacts installed in the local maven repository.

 

 

 

You can create patches and submit once you have signed a simple click thru CLA here:  http://www.jboss.org/contribute

(Sign either as individual or company).

 

 

What is the lite zip?

It just contains the jar files and no war files.

 

 

Incremental Builds

Please see the attachments.

Stable Builds

http://www.jboss.org/picketlink/downloads

  • 1. Re: PicketLink v2  Builds
    Dobes Vandermeer Newbie

    Hi,

     

    I installed this one but even after fixing compile errors I get an error trying to use JAXB to load IdP metadata:

     

      org.picketlink.identity.federation.core.exceptions.ConfigurationException: com.sun.xml.bind.v2.runtime.IllegalAnnotationsException: 1 counts of IllegalAnnotationExceptions

      org.picketlink.identity.xmlsec.w3.xmldsig.CanonicalizationMethodType does not have a no-arg default constructor.

              this problem is related to the following location:

                        at org.picketlink.identity.xmlsec.w3.xmldsig.CanonicalizationMethodType

                        at public org.picketlink.identity.xmlsec.w3.xmldsig.CanonicalizationMethodType org.picketlink.identity.xmlsec.w3.xmldsig.SignedInfoType.getCanonicalizationMethod()

                        at org.picketlink.identity.xmlsec.w3.xmldsig.SignedInfoType

                        at public org.picketlink.identity.xmlsec.w3.xmldsig.SignedInfoType org.picketlink.identity.xmlsec.w3.xmldsig.SignatureType.getSignedInfo()

                        at org.picketlink.identity.xmlsec.w3.xmldsig.SignatureType

                        at public org.picketlink.identity.xmlsec.w3.xmldsig.SignatureType org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntitiesDescriptorType.getSignature()

                        at org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntitiesDescriptorType

     

     

    The line of code I am using that triggers this is:

     

      JAXBContext xmlContext = JAXBContext.newInstance(EntitiesDescriptorType.class);

     

     

    Any chance of putting a no-arg constructor on that class?  Or am I using the wrong class for this purpose?

  • 2. Re: PicketLink v2  Builds
    Anil Saldhana Master

    Dobes,  you should not use JAXB.

     

    If you have a stream, you can use the SAMLParser class to parse a stream and cast it to the object you want.

     

    If you are constructing metadata manually, then use new.

  • 3. Re: PicketLink v2  Builds
    Dobes Vandermeer Newbie

    Hi,

     

    I'll try that.  I haven't found any docs on how to use that, is there a source distribution I can use so that I can read the sources to figure things out?

     

    Seems like the first problem I am having is an error "unsupported extensions"...

     

    java.lang.RuntimeException: Unknown Extensions
         at org.picketlink.identity.federation.core.parsers.saml.metadata.SAMLEntityDescriptorParser.parseIDPSSODescriptor(SAMLEntityDescriptorParser.java:356)
         at org.picketlink.identity.federation.core.parsers.saml.metadata.SAMLEntityDescriptorParser.parse(SAMLEntityDescriptorParser.java:113)
         at org.picketlink.identity.federation.core.parsers.saml.SAMLParser.parse(SAMLParser.java:113)
         at org.picketlink.identity.federation.core.parsers.AbstractParser.parse(AbstractParser.java:91)
    
  • 4. Re: PicketLink v2  Builds
    Anil Saldhana Master

    Dobes,

     

    the workspace is here:  http://anonsvn.jboss.org/repos/picketlink/federation/trunk/

     

    Our parsers throw exceptions when they cannot understand some elements. This is our way of knowing when we have not handled something.  Would you be kind to create a JIRA issue with the sample metadata file?  You can mask or change sensitive information from the md file.   I can get a new build asap.

  • 5. Re: PicketLink v2  Builds
    Dobes Vandermeer Newbie

    Added as https://issues.jboss.org/browse/PLINK-46

     

    Would it be difficult to include the source code in the next build, either right in the jar files or as a source jar?

     

    Possibly I can get the source from that SVN repo and build the jars myself ... I'll take a look at that option too.

  • 6. Re: PicketLink v2  Builds
    Anil Saldhana Master

    Since the changes were minimal, I made the bug fix and is attached as jar to the JIRA issue: https://issues.jboss.org/browse/PLFED-139

     

    Thanks for the JIRA issue and the metadata file.  The problem was that we were not handling the optional metadata extensions element. Also there was the other bug in KeyTypes "use" optional element.

  • 7. PicketLink v2  Builds
    Katja R Newbie

    Just one small issue:

    It seems that the openid4java.jar is missing in the build. The deployment of idp.war and idp-sig.war failed with message

    2011-03-01 08:56:27,080 ERROR [org.apache.catalina.core.StandardContext] (main) Context [/idp-sig] startup failed due to previous errors

    java.lang.NoClassDefFoundError: org/openid4java/message/ParameterList

    After I added the jar, everything works fine.

  • 8. Re: PicketLink v2  Builds
    Katja R Newbie

    My SAML-Token from Shibboleth contains an element "SubjectLocality" in the AuthnStatement:

    <saml2:AuthnStatement AuthnInstant="2011-03-01T10:04:20.847Z" SessionIndex="3f15ff676d6cf951ccc59366600072f95ba0e9342edb3aa33f0be062df8bbd4e">
    <saml2:SubjectLocality Address="127.0.0.1"/>
    <saml2:AuthnContext>
      <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol</saml2:AuthnContextClassRef>
    </saml2:AuthnContext>
    </saml2:AuthnStatement>
    

     

     

     

    This results in the following exception

     

    2011-03-01 11:04:21,194 TRACE [org.picketlink.identity.federation.bindings.tomcat.sp.SPPostFormAuthenticator] (http-127.0.0.1-8080-1) Server Exception:
    java.lang.RuntimeException: Unknown tag:SubjectLocality
    at org.picketlink.identity.federation.core.parsers.util.SAMLParserUtil.parseAuthnStatement(SAMLParserUtil.java:271)
    at org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser.parse(SAMLAssertionParser.java:157)
    at org.picketlink.identity.federation.core.parsers.saml.SAMLResponseParser.parse(SAMLResponseParser.java:83)
    at org.picketlink.identity.federation.core.parsers.saml.SAMLParser.parse(SAMLParser.java:91)
    at org.picketlink.identity.federation.core.parsers.AbstractParser.parse(AbstractParser.java:91)
    at org.picketlink.identity.federation.api.saml.v2.response.SAML2Response.getSAML2ObjectFromStream(SAML2Response.java:347)
    at org.picketlink.identity.federation.web.process.ServiceProviderSAMLResponseProcessor.process(ServiceProviderSAMLResponseProcessor.java:116)
    at org.picketlink.identity.federation.bindings.tomcat.sp.SPPostFormAuthenticator.authenticate(SPPostFormAuthenticator.java:205)
    

     

     

    I have seen in the code, that it expects the element AuthnContext to be the first element after AuthnStatement. I think this did not happen with the picketlink-1.0.4-final release. Is this a bug in V2?

  • 9. PicketLink v2  Builds
    Anil Saldhana Master

    https://issues.jboss.org/browse/PLFED-152

     

    It should be fixed very shortly and a new build will arrive this week.

  • 10. Re: PicketLink v2  Builds
    Anil Saldhana Master

    https://issues.jboss.org/browse/PLFED-152 is fixed in trunk.  It should be reflected in the build attachment after 28 Feb 2011.

  • 11. Re: PicketLink v2  Builds
    Glen Mazza Newbie

    What version of JBAS server do I need to run this version of PL V2 -- will 6.0 final do it or do I need version 7?

  • 12. Re: PicketLink v2  Builds
    Glen Mazza Newbie

    Version 6 will apparently do.

  • 13. Re: PicketLink v2  Builds
    Glen Mazza Newbie

    Hello, I'm getting errors running "mvn clean install" on the two Picketlink projects referenced in this post.  Do I need to add SNAPSHOT repositories to my settings.xml (or anything else)?

     

    When running http://anonsvn.jboss.org/repos/picketlink/federation/trunk/, it fails on "core":

     

    [INFO] PicketLink Federation- Parent ..................... SUCCESS [0.814s]

    [INFO] PicketLink Federation XML Security Model .......... SUCCESS [2.540s]

    [INFO] PicketLink Federation Model ....................... SUCCESS [6.896s]

    [INFO] PicketLink Federation Core ........................ FAILURE [14.430s]

    [INFO] PicketLink Federation Consolidated API ............ SKIPPED

    [INFO] PicketLink Federation Web ......................... SKIPPED

    ....

     

    With this error message:

    [ERROR] Failed to execute goal on project picketlink-fed-core: Could not resolve dependencies for project org.picketlink:picketlink-fed-core:jar:2.0.0-SNAPSHOT: Failed to collect dependencies for [org.picketlink:picketlink-fed-model:jar:2.0.0-SNAPSHOT (compile), org.picketlink:picketlink-xmlsec-model:jar:2.0.0-SNAPSHOT (compile), apache-log4j:log4j:jar:1.2.14 (compile), org.apache:xmlsec:jar:1.4.3 (compile), apache-logging:commons-logging-api:jar:1.0.3 (compile), org.jboss.security:jbossxacml:jar:2.0.4 (compile), org.jboss.security:jboss-security-spi:jar:2.0.4 (compile), javax.servlet:servlet-api:jar:2.4 (compile), org.jboss.security:jbosssx:jar:2.0.4 (compile), javax.persistence:persistence-api:jar:1.0 (compile), org.apache.tomcat:annotations-api:jar:6.0.18 (provided), junit:junit:jar:4.4 (test), org.mockito:mockito-all:jar:1.8.0 (test), xmlunit:xmlunit:jar:1.1 (test), apache-xalan:xalan:jar:2.7.1.patch01-brew (test), apache-xalan:serializer:jar:2.7.1.patch01-brew (test), org.openid4java:openid4java-nodeps:jar:0.9.5 (compile), commons-httpclient:commons-httpclient:jar:3.1 (test)]: Failed to read artifact descriptor for apache-log4j:log4j:jar:1.2.14: Could not transfer artifact apache-log4j:log4j:pom:1.2.14 from/to repository.jboss.org (http://repository.jboss.org/maven2/): Access denied to: http://repository.jboss.org/maven2/apache-log4j/log4j/1.2.14/log4j-1.2.14.pom -> [Help 1]

    [ERROR]

     

    When running mvn clean install from http://anonsvn.jboss.org/repos/picketlink/trust/trunk/, it fails on trust for JBossWS:

    [INFO] Reactor Summary:

    [INFO]

    [INFO] PicketLink Trust - Parent ......................... SUCCESS [1.116s]

    [INFO] PicketLink Trust for JBossWS ...................... FAILURE [0.154s]

    [INFO] PicketLink Trust - Aggregator ..................... SKIPPED

    [INFO] ------------------------------------------------------------------------

     

    Error message:

    [ERROR] Failed to execute goal on project picketlink-trust-jbossws: Could not resolve dependencies for project org.picketlink:picketlink-trust-jbossws:jar:2.0.0-SNAPSHOT: The following artifacts could not be resolved: org.picketlink:picketlink-fed:jar:2.0.0-SNAPSHOT, org.picketlink:picketlink-bindings-jboss:jar:2.0.0-SNAPSHOT: Failure to find org.picketlink:picketlink-fed:jar:2.0.0-SNAPSHOT in http://repository.jboss.org/nexus/content/groups/public/ was cached in the local repository, resolution will not be reattempted until the update interval of jboss-public-repository-group has elapsed or updates are forced -> [Help 1]

  • 14. Re: PicketLink v2  Builds
    Anil Saldhana Master

    Must be missing maven artifacts from the respository. 

1 2 Previous Next