asant
and/or ant
build files. This document assumes the user is deploying the sample
applications to the Sun Java Systems Application Server, and thus asant
is used for demonstration purposes. If you are deploying to a different
application server, use the ant
tool instead. To build,
package, deploy, and run the sample applications, follow the correct
steps for your platform:
For Solaris/Linux, follow these steps. On some shells, you would use
setenv
in place ofexport
. When usingsetenv
, replace the=
with a space.
- Set the following variables as appropriate for your system:
% export JAVA_HOME=<your J2SE installation directory>
% export JWSDP_HOME=<your JWSDP 2.0 installation directory>
% export SJSAS_HOME=<your Application Server installation directory>
(or useSJSWS_HOME
orTOMCAT_HOME
) as applicable)% export ANT_HOME=$SJSAS_HOME
(or the location of your Ant installation)% export PATH=$JWSDP_HOME/jwsdp-shared/bin;$SJSAS_HOME/bin:$PATH
- Edit the sample build.properties file, following these instructions:
% cd $JWSDP_HOME/xws-security/samples
% cp build.properties.sample build.properties
- Edit
build.properties
as shown in Editing the build.properties file.- Follow the instructions provided in
%JWSDP_HOME%/xws-security/samples/<sample-name>/README.txt
for setting up and running the sample on each of the supported containers.For Windows NT/2000/XP:
- Set the following variables as appropriate for your system:
> set JAVA_HOME=<your J2SE installation directory>
> set JWSDP_HOME=<your JWSDP 2.0 installation directory>
> set SJSAS_HOME=<your Application Server installation directory>
(or useSJSWS_HOME
orTOMCAT_HOME
) as applicable)> set ANT_HOME=%SJSAS_HOME%
(or the location of your Ant installation)> set PATH=%JWSDP_HOME%\jwsdp-shared\bin;%SJSAS_HOME%\bin;%PATH%
- Edit the sample build.properties file, following these instructions:
> cd %JWSDP_HOME%\xws-security\samples
> copy build.properties.sample build.properties
- Edit
build.properties
as shown in Editing the build.properties file.- Follow the instructions provided in
%JWSDP_HOME%\xws-security\samples\<sample-name>\README.txt
for setting up and running the example on each of the supported containers.
Copy the file%JWSDP_HOME%\xws-security\samples\build.properties.sample
tobuild.properties
. The following is a list of the configurable properties with a description of what needs to be modified in thebuild.properties
file:
- javahome: Set this to the location of your Java 2 SDK installation directory
- Containers: Uncomment one of the container homes by removing the
#
symbol beside the container. Only one container home should be uncommented at a time. Uncomment the container upon which you want to test the sample application, either the Sun Java System Application Server (SJSAS), or Tomcat containers.- username: Replace this with the user name a person assigned to the role of
admin
for your Application Server or other container installation.- password: Replace this with the password for the above user.
- endpoint.host, endpoint.port: Verify the host and port information, as appropriate for your Application Server or other container installation.
- jwsdp.home: Set this to the location of your JWSDP 2.0 installation directory.
- jaxrpc.tool.verbose: Set this to true to produce verbose output from the JAX-RPC tools (such as
wscompile
).- http.proxyhost, http.proxyport: Set these to the correct values for your proxy host and proxy port if you are using an example with remote endpoints.
- example: The name of the sample (leave this as is)
samples/saajsecurity
- samples/simple
- This sample application lets you plug in different client and server-side configurations describing security settings. This sample has support for digital signatures, XML encryption/decryption, and username token verification. This example allows and demonstrates combinations of these basic security mechanisms through configuration files. See the application's README.txt file for more information on running this sample.
- samples/jaas-sample
- This sample demonstrates how to plugin a JAAS
LoginModule
for authentication. This sample allows and demonstrates the following functionality:
- Obtaining a username and password from the user at runtime. Sending the username and password in a WSS
UsernameToken
to the server.- Configuring the server application to use JAAS authentication to authenticate the username-password it received.
- Using the
SubjectAccessor
API from within the endpoint implementation methods to access the sender's subject after authentication.- samples/api-sample
- This sample application shows how to use the XWS-Security 2.0 APIs in a stand alone mode. This sample uses the com.sun.xml.wss.
XWSSProcessor
interface. TheClient.java
file uses theXWSSProcessor
APIs to secure a SOAP message.This sample does not require a container and uses configuration files that have the simpler structure starting with
<xwss:SecurityConfiguration>
as the root element. Other XWS-Security samples, such as thesimple
sample, that are based on JAX-RPC use<xwss:JAXRPCSecurity>
as the root element. See the application's README.txt file for more information on running this sample.- samples/swainterop
- This sample application demonstrates the SwA interoperability scenarios. See the application's README.txt file for more information on running this sample.
- samples/samlinterop
- This sample application demonstrates support for OASIS WSS SAML Token Profile 1.0 in XWS-Security. See the application's README.txt file for more information on running this sample.
- samples/dynamicpolicy
- This sample application demonstrates how the request and response security policies can be set at runtime from the
SecurityEnvironmentHandler
callback.See the application's README.txt file for more information on this sample.
- samples/dynamic-response
- This sample application demonstrates using the certificate that arrived in a signed request to encrypt the response back to the requester. See the application's README.txt file for more information on running this sample.
This sample application shows how to use the XWS-Security 2.0 APIs in a stand alone mode. This sample uses the
com.sun.xml.wss
.XWSSProcessor
API. This sample is a client-server sample where the client is a pure SAAJ Application and the Server is a Servlet also making use SAAJ. See the application's README.txt file for more information on running this sample.