1 2 Previous Next 23 Replies Latest reply on Nov 30, 2011 1:58 PM by dsutherland1492

    PicketLink v2  Builds

    anil.saldhana

      Disclaimer:  These builds are work in progress.  Please do not think they are stable.

       

      I am going to use this discussion thread for testing out the PL2 builds. 

       

      To test in JBoss AS, 

       

      1) Please create a new server distribution called pl

      cp -R default pl

       

      2) Just unzip the zip in the deploy folder /server/pl/deploy

       

      3) Start the JBAS server

      ./run.sh -c pl

      run -c pl

       

      File attachments: 12 march 2012

       

      Advanced Users

      The workspaces are here: 

      The federation trunk workspace:

      http://anonsvn.jboss.org/repos/picketlink/federation/trunk/

       

      The trust workspace:

      http://anonsvn.jboss.org/repos/picketlink/trust/trunk/

       

      First you have to get the federation workspace building correctly for the trust workspace to build. The trust workspace depends on the federation workspace artifacts installed in the local maven repository.

       

       

       

      You can create patches and submit once you have signed a simple click thru CLA here:  http://www.jboss.org/contribute

      (Sign either as individual or company).

       

       

      What is the lite zip?

      It just contains the jar files and no war files.

       

       

      Incremental Builds

      Please see the attachments.

      Stable Builds

      http://www.jboss.org/picketlink/downloads

        • 1. Re: PicketLink v2  Builds
          dobesv

          Hi,

           

          I installed this one but even after fixing compile errors I get an error trying to use JAXB to load IdP metadata:

           

            org.picketlink.identity.federation.core.exceptions.ConfigurationException: com.sun.xml.bind.v2.runtime.IllegalAnnotationsException: 1 counts of IllegalAnnotationExceptions

            org.picketlink.identity.xmlsec.w3.xmldsig.CanonicalizationMethodType does not have a no-arg default constructor.

                    this problem is related to the following location:

                              at org.picketlink.identity.xmlsec.w3.xmldsig.CanonicalizationMethodType

                              at public org.picketlink.identity.xmlsec.w3.xmldsig.CanonicalizationMethodType org.picketlink.identity.xmlsec.w3.xmldsig.SignedInfoType.getCanonicalizationMethod()

                              at org.picketlink.identity.xmlsec.w3.xmldsig.SignedInfoType

                              at public org.picketlink.identity.xmlsec.w3.xmldsig.SignedInfoType org.picketlink.identity.xmlsec.w3.xmldsig.SignatureType.getSignedInfo()

                              at org.picketlink.identity.xmlsec.w3.xmldsig.SignatureType

                              at public org.picketlink.identity.xmlsec.w3.xmldsig.SignatureType org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntitiesDescriptorType.getSignature()

                              at org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntitiesDescriptorType

           

          The line of code I am using that triggers this is:

           

            JAXBContext xmlContext = JAXBContext.newInstance(EntitiesDescriptorType.class);

           

          Any chance of putting a no-arg constructor on that class?  Or am I using the wrong class for this purpose?

          • 2. Re: PicketLink v2  Builds
            anil.saldhana

            Dobes,  you should not use JAXB.

             

            If you have a stream, you can use the SAMLParser class to parse a stream and cast it to the object you want.

             

            If you are constructing metadata manually, then use new.

            • 3. Re: PicketLink v2  Builds
              dobesv

              Hi,

               

              I'll try that.  I haven't found any docs on how to use that, is there a source distribution I can use so that I can read the sources to figure things out?

               

              Seems like the first problem I am having is an error "unsupported extensions"...

               

              java.lang.RuntimeException: Unknown Extensions
                   at org.picketlink.identity.federation.core.parsers.saml.metadata.SAMLEntityDescriptorParser.parseIDPSSODescriptor(SAMLEntityDescriptorParser.java:356)
                   at org.picketlink.identity.federation.core.parsers.saml.metadata.SAMLEntityDescriptorParser.parse(SAMLEntityDescriptorParser.java:113)
                   at org.picketlink.identity.federation.core.parsers.saml.SAMLParser.parse(SAMLParser.java:113)
                   at org.picketlink.identity.federation.core.parsers.AbstractParser.parse(AbstractParser.java:91)
              
              • 4. Re: PicketLink v2  Builds
                anil.saldhana

                Dobes,

                 

                the workspace is here:  http://anonsvn.jboss.org/repos/picketlink/federation/trunk/

                 

                Our parsers throw exceptions when they cannot understand some elements. This is our way of knowing when we have not handled something.  Would you be kind to create a JIRA issue with the sample metadata file?  You can mask or change sensitive information from the md file.   I can get a new build asap.

                • 5. Re: PicketLink v2  Builds
                  dobesv

                  Added as https://issues.jboss.org/browse/PLINK-46

                   

                  Would it be difficult to include the source code in the next build, either right in the jar files or as a source jar?

                   

                  Possibly I can get the source from that SVN repo and build the jars myself ... I'll take a look at that option too.

                  • 6. Re: PicketLink v2  Builds
                    anil.saldhana

                    Since the changes were minimal, I made the bug fix and is attached as jar to the JIRA issue: https://issues.jboss.org/browse/PLFED-139

                     

                    Thanks for the JIRA issue and the metadata file.  The problem was that we were not handling the optional metadata extensions element. Also there was the other bug in KeyTypes "use" optional element.

                    • 7. PicketLink v2  Builds
                      kroessi

                      Just one small issue:

                      It seems that the openid4java.jar is missing in the build. The deployment of idp.war and idp-sig.war failed with message

                      2011-03-01 08:56:27,080 ERROR [org.apache.catalina.core.StandardContext] (main) Context [/idp-sig] startup failed due to previous errors

                      java.lang.NoClassDefFoundError: org/openid4java/message/ParameterList

                      After I added the jar, everything works fine.

                      • 8. Re: PicketLink v2  Builds
                        kroessi

                        My SAML-Token from Shibboleth contains an element "SubjectLocality" in the AuthnStatement:

                        {code}

                        <saml2:AuthnStatement AuthnInstant="2011-03-01T10:04:20.847Z" SessionIndex="3f15ff676d6cf951ccc59366600072f95ba0e9342edb3aa33f0be062df8bbd4e">

                        <saml2:SubjectLocality Address="127.0.0.1"/>

                        <saml2:AuthnContext>

                          <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol</saml2:AuthnContextClassRef>

                        </saml2:AuthnContext>

                        </saml2:AuthnStatement>

                        {code}

                         

                         

                        This results in the following exception

                         

                        {code}

                        2011-03-01 11:04:21,194 TRACE [org.picketlink.identity.federation.bindings.tomcat.sp.SPPostFormAuthenticator] (http-127.0.0.1-8080-1) Server Exception:

                        java.lang.RuntimeException: Unknown tag:SubjectLocality

                        at org.picketlink.identity.federation.core.parsers.util.SAMLParserUtil.parseAuthnStatement(SAMLParserUtil.java:271)

                        at org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser.parse(SAMLAssertionParser.java:157)

                        at org.picketlink.identity.federation.core.parsers.saml.SAMLResponseParser.parse(SAMLResponseParser.java:83)

                        at org.picketlink.identity.federation.core.parsers.saml.SAMLParser.parse(SAMLParser.java:91)

                        at org.picketlink.identity.federation.core.parsers.AbstractParser.parse(AbstractParser.java:91)

                        at org.picketlink.identity.federation.api.saml.v2.response.SAML2Response.getSAML2ObjectFromStream(SAML2Response.java:347)

                        at org.picketlink.identity.federation.web.process.ServiceProviderSAMLResponseProcessor.process(ServiceProviderSAMLResponseProcessor.java:116)

                        at org.picketlink.identity.federation.bindings.tomcat.sp.SPPostFormAuthenticator.authenticate(SPPostFormAuthenticator.java:205)

                        {code}

                         

                        I have seen in the code, that it expects the element AuthnContext to be the first element after AuthnStatement. I think this did not happen with the picketlink-1.0.4-final release. Is this a bug in V2?

                        • 9. PicketLink v2  Builds
                          anil.saldhana

                          https://issues.jboss.org/browse/PLFED-152

                           

                          It should be fixed very shortly and a new build will arrive this week.

                          • 10. Re: PicketLink v2  Builds
                            anil.saldhana

                            https://issues.jboss.org/browse/PLFED-152 is fixed in trunk.  It should be reflected in the build attachment after 28 Feb 2011.

                            • 11. Re: PicketLink v2  Builds
                              mazzag

                              What version of JBAS server do I need to run this version of PL V2 -- will 6.0 final do it or do I need version 7?

                              • 12. Re: PicketLink v2  Builds
                                mazzag

                                Version 6 will apparently do.

                                • 13. Re: PicketLink v2  Builds
                                  mazzag

                                  Hello, I'm getting errors running "mvn clean install" on the two Picketlink projects referenced in this post.  Do I need to add SNAPSHOT repositories to my settings.xml (or anything else)?

                                   

                                  When running http://anonsvn.jboss.org/repos/picketlink/federation/trunk/, it fails on "core":

                                   

                                  [INFO] PicketLink Federation- Parent ..................... SUCCESS [0.814s]

                                  [INFO] PicketLink Federation XML Security Model .......... SUCCESS [2.540s]

                                  [INFO] PicketLink Federation Model ....................... SUCCESS [6.896s]

                                  [INFO] PicketLink Federation Core ........................ FAILURE [14.430s]

                                  [INFO] PicketLink Federation Consolidated API ............ SKIPPED

                                  [INFO] PicketLink Federation Web ......................... SKIPPED

                                  ....

                                   

                                  With this error message:

                                  [ERROR] Failed to execute goal on project picketlink-fed-core: Could not resolve dependencies for project org.picketlink:picketlink-fed-core:jar:2.0.0-SNAPSHOT: Failed to collect dependencies for [org.picketlink:picketlink-fed-model:jar:2.0.0-SNAPSHOT (compile), org.picketlink:picketlink-xmlsec-model:jar:2.0.0-SNAPSHOT (compile), apache-log4j:log4j:jar:1.2.14 (compile), org.apache:xmlsec:jar:1.4.3 (compile), apache-logging:commons-logging-api:jar:1.0.3 (compile), org.jboss.security:jbossxacml:jar:2.0.4 (compile), org.jboss.security:jboss-security-spi:jar:2.0.4 (compile), javax.servlet:servlet-api:jar:2.4 (compile), org.jboss.security:jbosssx:jar:2.0.4 (compile), javax.persistence:persistence-api:jar:1.0 (compile), org.apache.tomcat:annotations-api:jar:6.0.18 (provided), junit:junit:jar:4.4 (test), org.mockito:mockito-all:jar:1.8.0 (test), xmlunit:xmlunit:jar:1.1 (test), apache-xalan:xalan:jar:2.7.1.patch01-brew (test), apache-xalan:serializer:jar:2.7.1.patch01-brew (test), org.openid4java:openid4java-nodeps:jar:0.9.5 (compile), commons-httpclient:commons-httpclient:jar:3.1 (test)]: Failed to read artifact descriptor for apache-log4j:log4j:jar:1.2.14: Could not transfer artifact apache-log4j:log4j:pom:1.2.14 from/to repository.jboss.org (http://repository.jboss.org/maven2/): Access denied to: http://repository.jboss.org/maven2/apache-log4j/log4j/1.2.14/log4j-1.2.14.pom -> [Help 1]

                                  [ERROR]

                                   

                                  When running mvn clean install from http://anonsvn.jboss.org/repos/picketlink/trust/trunk/, it fails on trust for JBossWS:

                                  [INFO] Reactor Summary:

                                  [INFO]

                                  [INFO] PicketLink Trust - Parent ......................... SUCCESS [1.116s]

                                  [INFO] PicketLink Trust for JBossWS ...................... FAILURE [0.154s]

                                  [INFO] PicketLink Trust - Aggregator ..................... SKIPPED

                                  [INFO] ------------------------------------------------------------------------

                                   

                                  Error message:

                                  [ERROR] Failed to execute goal on project picketlink-trust-jbossws: Could not resolve dependencies for project org.picketlink:picketlink-trust-jbossws:jar:2.0.0-SNAPSHOT: The following artifacts could not be resolved: org.picketlink:picketlink-fed:jar:2.0.0-SNAPSHOT, org.picketlink:picketlink-bindings-jboss:jar:2.0.0-SNAPSHOT: Failure to find org.picketlink:picketlink-fed:jar:2.0.0-SNAPSHOT in http://repository.jboss.org/nexus/content/groups/public/ was cached in the local repository, resolution will not be reattempted until the update interval of jboss-public-repository-group has elapsed or updates are forced -> [Help 1]

                                  • 14. Re: PicketLink v2  Builds
                                    anil.saldhana

                                    Must be missing maven artifacts from the respository. 

                                    1 2 Previous Next