2 Replies Latest reply on Mar 15, 2012 11:10 AM by mazzag

Can't view PicketLink STS WSDL from a browser

mazzag Mar 8, 2012 10:50 PM

Hi, I'm using the new PicketLink 2.0.2 on JBoss AS 7.1.0. I installed the PL war download which includes picketlink-sts.war. All indications are that it loaded successfully. However, I can't view the STS WSDL from a browser. Viewing the WSDL requires a Basic Auth login, but whenever I try to login from the Firefox browser (using "UserA" and "PassA" from the sts-users.xml file), the login fails and JBoss server logs the following error message: 22:27:42,726 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule] (http--127.0.0.1-8080-1) Failed to load users/passwords/role files: java.io.IOException: No properties file: sts-users.properties or defaults: defaultUsers.properties found at org.jboss.security.auth.spi.Util.loadProperties(Util.java:228) [picketbox-4.0.6.final.jar:4.0.6.final] at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:189) [picketbox-4.0.6.final.jar:4.0.6.final] at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:203) [picketbox-4.0.6.final.jar:4.0.6.final] at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:130) [picketbox-4.0.6.final.jar:4.0.6.final] It could be that I'm not placing the sts-users.properties file in the correct place. I have it in the $JBOSS_HOME/standalone/configuration/ folder alongside the standalone.xml file. sts-config.properties and sts-roles are there too. Is there another directory location where I should place these files? That's the only thing I can see why PL can't find the sts-users.xml file. My standalone.xml has this security configuration for picketlink-sts (from Anil's config file he uses for his testcases): My sts-users.xml and sts-roles files are the same as the bottom of this article: https://community.jboss.org/wiki/SAMLEnabledPOJOWebServices My sts-config.xml file: http://anonsvn.jboss.org/repos/picketlink/integration-tests/trunk/picketlink-sts-tests/src/test/resources/sts-config.properties The method that's failing is here--perhaps it's the case that it wants the sts-users.xml file in the classpath and not in the configuration directory, but that seems strange: http://grepcode.com/file/repository.jboss.org/nexus/content/repositories/releases/org.picketbox/jbosssx-bare/4.0.6.Beta2/org/jboss/security/auth/spi/Util.java#Util.loadProperties%28java.lang.String%2Cjava.lang.String%2Corg.jboss.logging.Logger%29 Any ideas what the problem is? Thanks, Glen

1. Re: Can't view PicketLink STS WSDL from a browser

mazzag Mar 8, 2012 10:58 PM (in response to mazzag)
OK, asking the very same question, this time with formatting:

Hi, I'm using the new PicketLink 2.0.2 on JBoss AS 7.1.0. I installed the PL war download which includes picketlink-sts.war. All indications are that it loaded successfully.

However, I can't view the STS WSDL from a browser. Viewing the WSDL requires a Basic Auth login, but whenever I try to login from the Firefox browser (using "UserA" and "PassA" from the sts-users.xml file), the login fails and JBoss server logs the following error message:

22:27:42,726 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule] (http--127.0.0.1-8080-1) Failed to load users/passwords/role files: java.io.IOException: No properties file: sts-users.properties or defaults: defaultUsers.properties found           at org.jboss.security.auth.spi.Util.loadProperties(Util.java:228) [picketbox-4.0.6.final.jar:4.0.6.final]       at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:189) [picketbox-4.0.6.final.jar:4.0.6.final]       at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:203) [picketbox-4.0.6.final.jar:4.0.6.final]       at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:130) [picketbox-4.0.6.final.jar:4.0.6.final]
It could be that I'm not placing the sts-users.properties file in the correct place. I have it in the $JBOSS_HOME/standalone/configuration/ folder alongside the standalone.xml file. sts-config.properties and sts-roles are there too. Is there another directory location where I should place these files? That's the only thing I can see why PL can't find the sts-users.xml file.
My standalone.xml has this security configuration for picketlink-sts (from Anil's config file he uses for his testcases):

         <security-domain name="picketlink-sts" cache-type="default">
         <authentication>
             <login-module code="UsersRoles" flag="required">
                 <module-option name="usersProperties" value="sts-users.properties"/>
                 <module-option name="rolesProperties" value="sts-roles.properties"/>
             </login-module>
         </authentication>
     </security-domain>

My sts-users.xml and sts-roles files are the same as the bottom of this article: https://community.jboss.org/wiki/SAMLEnabledPOJOWebServices
My sts-config.xml file: http://anonsvn.jboss.org/repos/picketlink/integration-tests/trunk/picketlink-sts-tests/src/test/resources/sts-config.properties
The method that's failing is here--perhaps it's the case that it wants the sts-users.xml file in the classpath and not in the configuration directory, but that seems strange: http://grepcode.com/file/repository.jboss.org/nexus/content/repositories/releases/org.picketbox/jbosssx-bare/4.0.6.Beta2/org/jboss/security/auth/spi/Util.java#Util.loadProperties%28java.lang.String%2Cjava.lang.String%2Corg.jboss.logging.Logger%29
Any ideas what the problem is?

Thanks,
Glen
Actions
2. Re: Can't view PicketLink STS WSDL from a browser

mazzag Mar 15, 2012 11:10 AM (in response to mazzag)

Problem solved by Pedro Igor for me on another thread (https://community.jboss.org/message/722826#722826). I had forgotten to place the "${jboss.server.config.dir}/" prefix before the properties files in my configuration above. That fixed it for me.
Actions

Go to original post