test

Sun OpenSSO Enterprise 8.0 Deployment Planning Guide

Setting Up and Configuring Web Services Security Using Security Token Service

OpenSSO Enterprise ships with the StockQuoteClient and StockService sample applications. These sample applications show you how the Web Service Client, Web Service Provider, and Secure Token Service interact together in a demonstration environment. The sample applications are available in the wssagents/openssowssproviders.zip on the OpenSSO Enterprise download site.

To configure and deploy the sample applications, see the README files in the zipped archive. The following steps describe the high-level tasks for setting up the deployment illustrated in section Use Case 1. This deployment uses the StockQuoteClient (Web Service Client) and StockService (Web Service Provider) applications, from the OpenSSO Enterprise samples.

  1. Create and configure a Secure Token Service instance, STS-1.

    1. Install the STS-1 instance.

    2. Configure a policy agent profile for the Web Service Provider.

    3. Select security mechanisms.

  2. Create and configure a second Secure Token Service instance, STS-2 instance.

    1. Install the STS-2 instance.

    2. Configure an policy agent profile for the STS-1 instance.

  3. Create and configure the Configuration Instance for the Web Service Client and Web Service Provider.

    1. Install the WSC-WSP Configuration Instance.

    2. Create And Configure a policy agent profile for the STS-2 instance.

    3. Configure a policy agent profile for the STS-1 instance.

    4. Configure a policy agent profile for the Web Service Client.

    5. Configure a policy agent profile for the Web Service Provider.

  4. Create and configure the Web Service Client instance.

    1. Install the Web Service Client Instance.

    2. Configure the Web Service Client as an OpenSSO Enterprise client.

    3. Configure the Web Service Client GlassFish instance.

      1. Update the GlassFish classpath.

      2. Configure for end-user authentication.

  5. Create and configure the Web Service Provider instance.

    1. Install the Web Service Provider instance.

    2. The Web Service Provider as an OpenSSO Enterprise client.

    3. Configure the Web Service Provider GlassFish instance.

  6. Build and deploy the Web Service Client application.

  7. Build and deploy the Web Service Provider application.

  8. Test to verify that the Web Service Security works as designed.