diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-saml-core/main/module.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-saml-core/main/module.xml old mode 100644 new mode 100755 index 8c7846991b..45b2e52419 --- a/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-saml-core/main/module.xml +++ b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-saml-core/main/module.xml @@ -8,6 +8,7 @@ + diff --git a/distribution/saml-adapters/wf9-adapter/wf9-modules/src/main/resources/modules/org/keycloak/keycloak-saml-core/main/module.xml b/distribution/saml-adapters/wf9-adapter/wf9-modules/src/main/resources/modules/org/keycloak/keycloak-saml-core/main/module.xml index 1e59fd173e..7f75d0c972 100755 --- a/distribution/saml-adapters/wf9-adapter/wf9-modules/src/main/resources/modules/org/keycloak/keycloak-saml-core/main/module.xml +++ b/distribution/saml-adapters/wf9-adapter/wf9-modules/src/main/resources/modules/org/keycloak/keycloak-saml-core/main/module.xml @@ -8,6 +8,7 @@ + diff --git a/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-saml-core/main/module.xml b/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-saml-core/main/module.xml index 1e59fd173e..7f75d0c972 100755 --- a/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-saml-core/main/module.xml +++ b/distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-saml-core/main/module.xml @@ -8,6 +8,7 @@ + diff --git a/examples/saml/README.md b/examples/saml/README.md old mode 100644 new mode 100755 index a6a65f986d..89fdee2678 
--- a/examples/saml/README.md +++ b/examples/saml/README.md @@ -1,8 +1,8 @@ -# Keycloak SAML Quickstarts +# Keycloak SAML + Picketlink Client Quickstarts ## Introduction -These quickstarts run on JBoss Enterprise Application Platform 6 or WildFly. +These quickstarts show using Keycloak Server's SAML support with Picketlink's SAML client adapter. These quickstarts run on JBoss Enterprise Application Platform 6 or WildFly. We recommend using the Keycloak Appliance Distribution to test the quickstarts as it has already some things pre-set for you. There is individual README.md file specific for each quickstart in the particular subdirectory with the quickstart. Here are just some general info about the requirements for your OS etc. diff --git a/examples/saml/pom.xml b/examples/saml/pom.xml index f324686870..3abd290b01 100755 --- a/examples/saml/pom.xml +++ b/examples/saml/pom.xml @@ -25,10 +25,8 @@ - post-basic post-with-signature post-with-encryption - redirect-basic redirect-with-signature diff --git a/examples/saml/post-basic/README.md b/examples/saml/post-basic/README.md deleted file mode 100755 index b84a6d3aca..0000000000 --- a/examples/saml/post-basic/README.md +++ /dev/null 
@@ -1,254 +0,0 @@ -picketlink-federation-saml-sp-post-basic: PicketLink Service Provider With a Basic Configuration using SAML HTTP POST Binding -=============================== -Author: Pedro Igor -Level: Intermediate -Technologies: PicketLink Federation, SAML v2.0 -Summary: Basic example that demonstrates how to setup an application as a SAML v2.0 Service Provider using SAML HTTP POST Binding. -Source: - - -What is it? ------------ - -This example demonstrates Keycloak SAML 2.0 support in conjunction with a servlet secured by Picketlink's SAML SP client. - -WARNING: This example doesn't use signed SAML request and response messages. It's used just for demonstration purpose, but in production -you should always use signed SAML messages as shown in "post-with-signature" or "post-with-encryption" examples. - - -Make sure you've set up the Keycloak Server --------------------------------------- -The Keycloak Appliance Distribution comes with a preconfigured Keycloak server (based on Wildfly). You can use it out of -the box to run these demos. So, if you're using this, you can head to Step 2. - -Alternatively, you can install the Keycloak Server onto any EAP 6.x, or Wildfly 8.x server, but there is -a few steps you must follow. - -Obtain latest keycloak-war-dist-all.zip. This distro is used to install Keycloak onto an existing JBoss installation. -This installs the server. - - $ cd ${wildfly.jboss.home}/standalone - $ cp -r ${keycloak-war-dist-all}/deployments . - -To be able to run the demos you also need to install the Keycloak client adapter. For Wildfly: - - $ cd ${wildfly.home} - $ unzip ${keycloak-war-dist-all}/adapters/keycloak-wildfly-adapter-dist.zip - -For JBoss EAP 6.x - - $ cd ${eap.home} - $ unzip ${keycloak-war-dist-all}/adapters/keycloak-eap6-adapter-dist.zip - -For JBoss AS 7.1.1: - - $ cd ${as7.home} - $ unzip ${keycloak-war-dist-all}/adapters/keycloak-as7-adapter-dist.zip - -Unzipping the adapter ZIP only installs the JAR files. 
You must also add the Keycloak Subsystem to the server's -configuration (standalone/configuration/standalone.xml). - - - - - - ... - - - - - ... - - -Boot Keycloak Server ---------------------------------------- -Where you go to start up the Keycloak Server depends on which distro you installed. - -From appliance: - -``` -$ cd keycloak/bin -$ ./standalone.sh -``` - - -From existing Wildfly/EAP6/AS7 distro - -``` -$ cd ${wildfly.jboss.home}/bin -$ ./standalone.sh -``` - - -Import the Test Realm ---------------------------------------- -Next thing you have to do is import the test realm for the demo. Clicking on the below link will bring you to the -create realm page in the Admin UI. The username/password is admin/admin to login in. Keycloak will ask you to -create a new admin password before you can go to the create realm page. - -[http://localhost:8080/auth/admin/master/console/#/create/realm](http://localhost:8080/auth/admin/master/console/#/create/realm) - -Import the testsaml.json file that is in the saml/ example directory. - - - -Install Picketlink Modules into App server ------------------------------------------- - -If you are running this example with the Keycloak application distribution, you can skip this step. - -You may have to upgrade your picketlink modules in your JBoss EAP or Wildfly distribution. See Picketlink docs for more details. - -Create the Security Domain for JBoss EAP ---------------- -If you are running this example with the Keycloak application distribution, you can skip this step. - - -These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. - -You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-eap.cli` script provided in the root directory of this quickstart. - -1. 
Before you begin, back up your server configuration file - * If it is running, stop the JBoss server. - * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` - * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. - -2. Start the JBoss server by typing the following: - - For Linux: JBOSS_HOME/bin/standalone.sh - For Windows: JBOSS_HOME\bin\standalone.bat -3. Review the `configure-security-domain-eap.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. - -4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: - - JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-eap.cli - -You should see the following result when you run the script: - - The batch executed successfully - { - "outcome" => "success", - } - - -Create the Security Domain for WildFly ---------------- -If you are running this example with the Keycloak application distribution, you can skip this step. - -These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. - -You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-wildfly.cli` script provided in the root directory of this quickstart. - -1. Before you begin, back up your server configuration file - * If it is running, stop the JBoss server. - * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` - * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. - -2. 
Start the JBoss server by typing the following: - - For Linux: JBOSS_HOME/bin/standalone.sh - For Windows: JBOSS_HOME\bin\standalone.bat -3. Review the `configure-security-domain-wildfly.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. - -4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: - - JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-wildfly.cli - -You should see the following result when you run the script: - - The batch executed successfully - { - "outcome" => "success", - } - - - -Review the Modified Server Configuration for EAP ------------------------------------ -If you are running this example with the Keycloak application distribution, you can skip this step. - -If you want to review and understand newly added XML configuration, stop the JBoss server and open the `JBOSS_HOME/standalone/configuration/standalone.xml` file. - -The following `sp` security-domain was added to the `security` subsystem. - - - - - - - -The configuration above defines a security-domain which will be used by the SP to authenticate users based on a SAML Assertion previously issued by a Identity Provider. - -Review the Modified Server Configuration for WildFly ------------------------------------ -If you are running this example with the Keycloak application distribution, you can skip this step. - -If you are using Wildfly, the security-domain should have the following configuration: - - - - - - - - -SAML SP-Initiated Single Sign-On ------------------------------------ - -The SAML v2.0 specification defines a specific SSO mode called *SP-Initiated SSO*. In this mode, the SSO flow starts at the Service Provider side. 
-Please, take a look at the following documentation for more details: - -1. [SAML v2.0 SP-Initiated SSO](https://docs.jboss.org/author/display/PLINK/SP-Initiated+SSO) - - -Start JBoss Enterprise Application Platform 6 or WildFly with the Web Profile -------------------------- - -1. Open a command line and navigate to the root of the JBoss server directory. -2. The following shows the command line to start the server with the web profile: - - For Linux: JBOSS_HOME/bin/standalone.sh - For Windows: JBOSS_HOME\bin\standalone.bat - - -Build and Deploy the Quickstart -------------------------- - -_NOTE: The following build command assumes you have configured your Maven user settings. If you have not, you must include Maven setting arguments on the command line. See [Build and Deploy the Quickstarts](../README.md#build-and-deploy-the-quickstarts) for complete instructions and additional options._ - -1. Make sure you have started the JBoss Server as described above. -2. Open a command line and navigate to the root directory of this quickstart. -3. Type this command to build and deploy the archive: - - For EAP 6: mvn clean package jboss-as:deploy - For WildFly: mvn -Pwildfly clean package wildfly:deploy - -4. This will deploy `target/picketlink-federation-saml-sp-post-basic.war` to the running instance of the server. - - -Access the application ---------------------- - -The application will be running at the following URL: . - -*Note: A Service Provider alone is not very useful without an Identity Provider to authenticate users and issue SAML Assertions. Once you get this application deployed, please take a look at [About the PicketLink Federation Quickstarts](../README.md#about-the-keycloak-saml-quickstarts).* - - -Undeploy the Archive --------------------- - -1. Make sure you have started the JBoss Server as described above. -2. Open a command line and navigate to the root directory of this quickstart. -3. 
When you are finished testing, type this command to undeploy the archive: - - For EAP 6: mvn jboss-as:undeploy - For WildFly: mvn -Pwildfly wildfly:undeploy - - -Debug the Application ------------------------------------- - -If you want to debug the source code or look at the Javadocs of any library in the project, run either of the following commands to pull them into your local repository. The IDE should then detect them. - - mvn dependency:sources - mvn dependency:resolve -Dclassifier=javadoc \ No newline at end of file diff --git a/examples/saml/post-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml b/examples/saml/post-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml deleted file mode 100644 index 7b07a0210b..0000000000 --- a/examples/saml/post-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - diff --git a/examples/saml/post-basic/conf/jboss-eap/WEB-INF/jboss-web.xml b/examples/saml/post-basic/conf/jboss-eap/WEB-INF/jboss-web.xml deleted file mode 100644 index c461ff2267..0000000000 --- a/examples/saml/post-basic/conf/jboss-eap/WEB-INF/jboss-web.xml +++ /dev/null @@ -1,16 +0,0 @@ - - - - sp - - - sales-post - - - - org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator - - diff --git a/examples/saml/post-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml b/examples/saml/post-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml deleted file mode 100644 index 7b07a0210b..0000000000 --- a/examples/saml/post-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - diff --git a/examples/saml/post-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension b/examples/saml/post-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension deleted file mode 100644 index ffaf42ca71..0000000000 
--- a/examples/saml/post-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension +++ /dev/null @@ -1 +0,0 @@ -org.picketlink.identity.federation.bindings.wildfly.sp.SPServletExtension \ No newline at end of file diff --git a/examples/saml/post-basic/conf/wildfly/WEB-INF/jboss-web.xml b/examples/saml/post-basic/conf/wildfly/WEB-INF/jboss-web.xml deleted file mode 100644 index e11a2b4e6e..0000000000 --- a/examples/saml/post-basic/conf/wildfly/WEB-INF/jboss-web.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - sp - - - sales-post - diff --git a/examples/saml/post-basic/configure-security-domain-eap.cli b/examples/saml/post-basic/configure-security-domain-eap.cli deleted file mode 100644 index 9f9777c4cb..0000000000 --- a/examples/saml/post-basic/configure-security-domain-eap.cli +++ /dev/null @@ -1,16 +0,0 @@ -# Batch script to add and configure the quickstart-domain security domain in the JBoss server - -# Start batching commands -batch - -# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. -/subsystem=security/security-domain=sp:add(cache-type=default) -/subsystem=security/security-domain=sp/authentication=classic:add -/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule,flag=required) - -# Run the batch commands -run-batch - -# Reload the server configuration -:reload - diff --git a/examples/saml/post-basic/configure-security-domain-wildfly.cli b/examples/saml/post-basic/configure-security-domain-wildfly.cli deleted file mode 100644 index 6b65d5e94f..0000000000 --- a/examples/saml/post-basic/configure-security-domain-wildfly.cli +++ /dev/null 
@@ -1,16 +0,0 @@
-# Batch script to add and configure the quickstart-domain security domain in the JBoss server
-
-# Start batching commands
-batch
-
-# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user.
-/subsystem=security/security-domain=sp:add(cache-type=default)
-/subsystem=security/security-domain=sp/authentication=classic:add
-/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule,flag=required)
-
-# Run the batch commands
-run-batch
-
-# Reload the server configuration
-:reload
-
diff --git a/examples/saml/post-basic/pom.xml b/examples/saml/post-basic/pom.xml
deleted file mode 100644
index d4ea4ace1e..0000000000
--- a/examples/saml/post-basic/pom.xml
+++ /dev/null
@@ -1,107 +0,0 @@ - - 4.0.0 - - org.picketlink.quickstarts - picketlink-federation-saml-sp-post-basic - 2.7.0.Beta2 - - war - - PicketLink Quickstart: picketlink-federation-saml-sp-post-basic - PicketLink Quickstart: PicketLink Service Provider With a Basic Configuration using SAML HTTP POST Binding - - http://www.picketlink.org - - - - Apache License, Version 2.0 - repo - http://www.apache.org/licenses/LICENSE-2.0.html - - - - - - 2.7.0.Beta2 - - - jboss-eap - - - 3.1 - - 2.8.1 - - 7.4.Final - - 2.1.1 - - 1.0.1.Final - - 1.6 - 1.6 - - - - - ${project.artifactId} - - - org.apache.maven.plugins - maven-deploy-plugin - ${version.deploy.plugin} - - true - - - - maven-war-plugin - ${version.war.plugin} - - - false - - - ${target.container} - - - ${basedir}/conf/${target.container} - - - - - - - org.jboss.as.plugins - jboss-as-maven-plugin - ${version.jboss.maven.plugin} - - ${project.build.finalName}-${target.container}.${project.packaging} - - - - - - - - wildfly - - wildfly - - - - - org.wildfly.plugins - wildfly-maven-plugin - ${version.wildfly.maven.plugin} - - ${project.build.finalName}-${target.container}.${project.packaging} - - - - - - - - \ No newline at end of file diff --git a/examples/saml/post-basic/remove-security-domain.cli b/examples/saml/post-basic/remove-security-domain.cli deleted file mode 100644 index 9487613e2c..0000000000 --- a/examples/saml/post-basic/remove-security-domain.cli +++ /dev/null @@ -1,13 +0,0 @@ -# Batch script to remove the quickstart-domain security domain from the JBoss server - -# Start batching commands -batch - -# Remove the security domain -/subsystem=security/security-domain=sp:remove - -# Run the batch commands -run-batch - -# Reload the server configuration -:reload \ No newline at end of file diff --git a/examples/saml/post-basic/src/main/webapp/WEB-INF/picketlink.xml b/examples/saml/post-basic/src/main/webapp/WEB-INF/picketlink.xml deleted file mode 100755 index 269f4d3df2..0000000000 
--- a/examples/saml/post-basic/src/main/webapp/WEB-INF/picketlink.xml +++ /dev/null @@ -1,20 +0,0 @@ - - - ${idp.url::http://localhost:8080/auth/realms/saml-demo/protocol/saml} - ${sales-post.url::http://localhost:8080/sales-post/} - - localhost,jboss.com,jboss.org,amazonaws.com - - - - - - - - - \ No newline at end of file diff --git a/examples/saml/post-basic/src/main/webapp/images/picketlink-banner-1180px.png b/examples/saml/post-basic/src/main/webapp/images/picketlink-banner-1180px.png deleted file mode 100644 index 2509ff4480..0000000000 Binary files a/examples/saml/post-basic/src/main/webapp/images/picketlink-banner-1180px.png and /dev/null differ diff --git a/examples/saml/post-with-encryption/conf/jboss-eap/META-INF/jboss-deployment-structure.xml b/examples/saml/post-with-encryption/conf/jboss-eap/META-INF/jboss-deployment-structure.xml deleted file mode 100644 index 7b07a0210b..0000000000 --- a/examples/saml/post-with-encryption/conf/jboss-eap/META-INF/jboss-deployment-structure.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - diff --git a/examples/saml/post-with-encryption/conf/jboss-eap/WEB-INF/jboss-web.xml b/examples/saml/post-with-encryption/conf/jboss-eap/WEB-INF/jboss-web.xml deleted file mode 100644 index 8ef85ba321..0000000000 --- a/examples/saml/post-with-encryption/conf/jboss-eap/WEB-INF/jboss-web.xml +++ /dev/null @@ -1,16 +0,0 @@ - - - - sp - - - sales-post-enc - - - - org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator - - diff --git a/examples/saml/post-with-encryption/conf/wildfly/META-INF/jboss-deployment-structure.xml b/examples/saml/post-with-encryption/conf/wildfly/META-INF/jboss-deployment-structure.xml deleted file mode 100644 index 7b07a0210b..0000000000 --- a/examples/saml/post-with-encryption/conf/wildfly/META-INF/jboss-deployment-structure.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - 
diff --git a/examples/saml/post-with-encryption/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension b/examples/saml/post-with-encryption/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension deleted file mode 100644 index ffaf42ca71..0000000000 --- a/examples/saml/post-with-encryption/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension +++ /dev/null @@ -1 +0,0 @@ -org.picketlink.identity.federation.bindings.wildfly.sp.SPServletExtension \ No newline at end of file diff --git a/examples/saml/post-with-encryption/conf/wildfly/WEB-INF/jboss-web.xml b/examples/saml/post-with-encryption/conf/wildfly/WEB-INF/jboss-web.xml deleted file mode 100644 index cafc722e5d..0000000000 --- a/examples/saml/post-with-encryption/conf/wildfly/WEB-INF/jboss-web.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - sp - - - sales-post-enc - diff --git a/examples/saml/post-with-encryption/configure-security-domain-eap.cli b/examples/saml/post-with-encryption/configure-security-domain-eap.cli deleted file mode 100644 index 9f9777c4cb..0000000000 --- a/examples/saml/post-with-encryption/configure-security-domain-eap.cli +++ /dev/null 
@@ -1,16 +0,0 @@
-# Batch script to add and configure the quickstart-domain security domain in the JBoss server
-
-# Start batching commands
-batch
-
-# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user.
-/subsystem=security/security-domain=sp:add(cache-type=default)
-/subsystem=security/security-domain=sp/authentication=classic:add
-/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule,flag=required)
-
-# Run the batch commands
-run-batch
-
-# Reload the server configuration
-:reload
-
diff --git a/examples/saml/post-with-encryption/configure-security-domain-wildfly.cli b/examples/saml/post-with-encryption/configure-security-domain-wildfly.cli
deleted file mode 100644
index 6b65d5e94f..0000000000
--- a/examples/saml/post-with-encryption/configure-security-domain-wildfly.cli
+++ /dev/null
@@ -1,16 +0,0 @@
-# Batch script to add and configure the quickstart-domain security domain in the JBoss server
-
-# Start batching commands
-batch
-
-# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user.
-/subsystem=security/security-domain=sp:add(cache-type=default)
-/subsystem=security/security-domain=sp/authentication=classic:add
-/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule,flag=required)
-
-# Run the batch commands
-run-batch
-
-# Reload the server configuration
-:reload
-
diff --git a/examples/saml/post-with-encryption/pom.xml b/examples/saml/post-with-encryption/pom.xml index e26e1fbc54..0c95d95563 100755 --- a/examples/saml/post-with-encryption/pom.xml +++ b/examples/saml/post-with-encryption/pom.xml @@ -2,16 +2,13 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> 4.0.0 - org.picketlink.quickstarts - picketlink-federation-saml-sp-with-encryption - 2.7.0.Beta2 + org.keycloak.examples + saml-post-encryption + 1.6.0.Final-SNAPSHOT war - PicketLink Quickstart: picketlink-federation-saml-sp-with-encryption - PicketLink Quickstart: PicketLink Service Provider With a Basic Configuration using SAML HTTP POST Binding With Encryption Support - - http://www.picketlink.org + Keycloak SAML Adapter Example POST Binding and Assertion Encryption @@ -21,104 +18,25 @@ - - - 2.7.0.Beta2 - - - jboss-eap - - - 3.1 - - 2.8.1 - - 7.4.Final - - 2.1.1 - - 1.0.1.Final - - 1.6 - 1.6 - - ${project.artifactId} - - - src/main/resources - - - ../post-basic/src/main/resources - - - - org.apache.maven.plugins - maven-deploy-plugin - ${version.deploy.plugin} - - true - - - - maven-war-plugin - ${version.war.plugin} - - - false - - - ${target.container} - - - - - src/main/webapp - - - ../post-basic/src/main/webapp - - - ${basedir}/conf/${target.container} - - - - - org.jboss.as.plugins jboss-as-maven-plugin - ${version.jboss.maven.plugin} - ${project.build.finalName}-${target.container}.${project.packaging} + false + + + + org.wildfly.plugins + wildfly-maven-plugin + + false - - - wildfly - - wildfly - - - - - org.wildfly.plugins - wildfly-maven-plugin - ${version.wildfly.maven.plugin} - - ${project.build.finalName}-${target.container}.${project.packaging} - - - - - - - diff --git a/examples/saml/post-with-encryption/remove-security-domain.cli b/examples/saml/post-with-encryption/remove-security-domain.cli deleted file mode 100644 index 9487613e2c..0000000000 
--- a/examples/saml/post-with-encryption/remove-security-domain.cli +++ /dev/null @@ -1,13 +0,0 @@ -# Batch script to remove the quickstart-domain security domain from the JBoss server - -# Start batching commands -batch - -# Remove the security domain -/subsystem=security/security-domain=sp:remove - -# Run the batch commands -run-batch - -# Reload the server configuration -:reload \ No newline at end of file diff --git a/examples/saml/post-with-encryption/src/main/webapp/WEB-INF/keycloak-saml.xml b/examples/saml/post-with-encryption/src/main/webapp/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..c3132e2168 --- /dev/null +++ b/examples/saml/post-with-encryption/src/main/webapp/WEB-INF/keycloak-saml.xml @@ -0,0 +1,45 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/examples/saml/post-with-encryption/src/main/resources/keystore.jks b/examples/saml/post-with-encryption/src/main/webapp/WEB-INF/keystore.jks similarity index 100% rename from examples/saml/post-with-encryption/src/main/resources/keystore.jks rename to examples/saml/post-with-encryption/src/main/webapp/WEB-INF/keystore.jks diff --git a/examples/saml/post-basic/src/main/webapp/WEB-INF/web.xml b/examples/saml/post-with-encryption/src/main/webapp/WEB-INF/web.xml old mode 100644 new mode 100755 similarity index 79% rename from examples/saml/post-basic/src/main/webapp/WEB-INF/web.xml rename to examples/saml/post-with-encryption/src/main/webapp/WEB-INF/web.xml index 1bb001cd4a..04bfd71dde --- a/examples/saml/post-basic/src/main/webapp/WEB-INF/web.xml +++ b/examples/saml/post-with-encryption/src/main/webapp/WEB-INF/web.xml @@ -1,13 +1,11 @@ + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" + version="3.0"> - PicketLink Sales Service Provider + sales-post-enc - PicketLink Service Provider With a Basic Configuration using SAML HTTP POST Binding - - + SALES Application 
@@ -36,7 +34,7 @@ - FORM + KEYCLOAK-SAML Tomcat SALES Application /jsp/login.jsp diff --git a/examples/saml/post-basic/src/main/webapp/css/idp.css b/examples/saml/post-with-encryption/src/main/webapp/css/idp.css old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/post-basic/src/main/webapp/css/idp.css rename to examples/saml/post-with-encryption/src/main/webapp/css/idp.css diff --git a/examples/saml/post-basic/src/main/webapp/error.jsp b/examples/saml/post-with-encryption/src/main/webapp/error.jsp old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/post-basic/src/main/webapp/error.jsp rename to examples/saml/post-with-encryption/src/main/webapp/error.jsp diff --git a/examples/saml/post-basic/src/main/webapp/favicon.ico b/examples/saml/post-with-encryption/src/main/webapp/favicon.ico old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/post-basic/src/main/webapp/favicon.ico rename to examples/saml/post-with-encryption/src/main/webapp/favicon.ico diff --git a/examples/saml/post-basic/src/main/webapp/images/bkg.gif b/examples/saml/post-with-encryption/src/main/webapp/images/bkg.gif old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/post-basic/src/main/webapp/images/bkg.gif rename to examples/saml/post-with-encryption/src/main/webapp/images/bkg.gif diff --git a/examples/saml/post-with-encryption/src/main/webapp/images/keycloak_default_banner-1180px.png b/examples/saml/post-with-encryption/src/main/webapp/images/keycloak_default_banner-1180px.png new file mode 100755 index 0000000000..10ef213a75 Binary files /dev/null and b/examples/saml/post-with-encryption/src/main/webapp/images/keycloak_default_banner-1180px.png differ 
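Review bot: The context lines after the changed auth-method in web.xml still carry what looks like the old form-login settings (`/jsp/login.jsp`), although the method is now `KEYCLOAK-SAML`. The markup is not visible in this hunk, so this is inferred from the remaining text; none of the renames visible in this diff brings a jsp/login.jsp into the module either. With a SAML adapter the login page is served by the identity provider, so a leftover form-login block is dead configuration that can mislead a reader about how the application authenticates. Consider dropping it, or adding a comment such as `<!-- form-login-config is unused with KEYCLOAK-SAML; login is handled by the IdP -->`. The login-config element starts and ends outside the hunk.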
diff --git a/examples/saml/post-basic/src/main/webapp/images/rh_bg.png b/examples/saml/post-with-encryption/src/main/webapp/images/rh_bg.png old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/post-basic/src/main/webapp/images/rh_bg.png rename to examples/saml/post-with-encryption/src/main/webapp/images/rh_bg.png diff --git a/examples/saml/post-basic/src/main/webapp/index.jsp b/examples/saml/post-with-encryption/src/main/webapp/index.jsp old mode 100644 new mode 100755 similarity index 71% rename from examples/saml/post-basic/src/main/webapp/index.jsp rename to examples/saml/post-with-encryption/src/main/webapp/index.jsp index 199bdb0ee0..cae2feac02 --- a/examples/saml/post-basic/src/main/webapp/index.jsp +++ b/examples/saml/post-with-encryption/src/main/webapp/index.jsp @@ -2,13 +2,14 @@

SalesTool


Welcome to the Sales Tool, <%=request.getUserPrincipal().getName()%> - -
+
+ Click to LogOut +
+
Here is your sales chart:

-Click to LogOut diff --git a/examples/saml/post-with-encryption/src/main/webapp/logout.jsp b/examples/saml/post-with-encryption/src/main/webapp/logout.jsp new file mode 100755 index 0000000000..46124debfb --- /dev/null +++ b/examples/saml/post-with-encryption/src/main/webapp/logout.jsp @@ -0,0 +1,43 @@ + + + + + +Keycloak SAML Client Adapter Example Application + + + + + + +
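Review bot: The unchanged greeting line in index.jsp writes `<%=request.getUserPrincipal().getName()%>` into the page without HTML encoding. With this change the principal name presumably comes from the SAML assertion issued by the identity provider, so any markup in that value would be rendered by the browser. Encode on output, for example `<c:out value="${pageContext.request.userPrincipal.name}"/>` if JSTL is available in the WAR; the taglib declarations are not visible in this hunk. The expression also assumes the page is always behind the security constraint, since getUserPrincipal() returns null for an unauthenticated request.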
+
+

+ Logged out. Login again. +

+
+
+ + \ No newline at end of file diff --git a/examples/saml/post-basic/src/main/webapp/piechart.gif b/examples/saml/post-with-encryption/src/main/webapp/piechart.gif old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/post-basic/src/main/webapp/piechart.gif rename to examples/saml/post-with-encryption/src/main/webapp/piechart.gif diff --git a/examples/saml/post-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml b/examples/saml/post-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml deleted file mode 100644 index 7b07a0210b..0000000000 --- a/examples/saml/post-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - diff --git a/examples/saml/post-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml b/examples/saml/post-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml deleted file mode 100644 index 10562b84b2..0000000000 --- a/examples/saml/post-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml +++ /dev/null @@ -1,16 +0,0 @@ - - - - sp - - - sales-post-sig - - - - org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator - - diff --git a/examples/saml/post-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml b/examples/saml/post-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml deleted file mode 100644 index 7b07a0210b..0000000000 --- a/examples/saml/post-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - diff --git a/examples/saml/post-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension b/examples/saml/post-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension deleted file mode 100644 index ffaf42ca71..0000000000 
--- a/examples/saml/post-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension +++ /dev/null @@ -1 +0,0 @@ -org.picketlink.identity.federation.bindings.wildfly.sp.SPServletExtension \ No newline at end of file diff --git a/examples/saml/post-with-signature/conf/wildfly/WEB-INF/jboss-web.xml b/examples/saml/post-with-signature/conf/wildfly/WEB-INF/jboss-web.xml deleted file mode 100644 index 284b87a988..0000000000 --- a/examples/saml/post-with-signature/conf/wildfly/WEB-INF/jboss-web.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - sp - - - sales-post-sig - diff --git a/examples/saml/post-with-signature/configure-security-domain-eap.cli b/examples/saml/post-with-signature/configure-security-domain-eap.cli deleted file mode 100644 index 9f9777c4cb..0000000000 --- a/examples/saml/post-with-signature/configure-security-domain-eap.cli +++ /dev/null @@ -1,16 +0,0 @@ -# Batch script to add and configure the quickstart-domain security domain in the JBoss server - -# Start batching commands -batch - -# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. -/subsystem=security/security-domain=sp:add(cache-type=default) -/subsystem=security/security-domain=sp/authentication=classic:add -/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule,flag=required) - -# Run the batch commands -run-batch - -# Reload the server configuration -:reload - diff --git a/examples/saml/post-with-signature/configure-security-domain-wildfly.cli b/examples/saml/post-with-signature/configure-security-domain-wildfly.cli deleted file mode 100644 index 6b65d5e94f..0000000000 --- a/examples/saml/post-with-signature/configure-security-domain-wildfly.cli +++ /dev/null 
@@ -1,16 +0,0 @@ -# Batch script to add and configure the quickstart-domain security domain in the JBoss server - -# Start batching commands -batch - -# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. -/subsystem=security/security-domain=sp:add(cache-type=default) -/subsystem=security/security-domain=sp/authentication=classic:add -/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule,flag=required) - -# Run the batch commands -run-batch - -# Reload the server configuration -:reload - diff --git a/examples/saml/post-with-signature/pom.xml b/examples/saml/post-with-signature/pom.xml index 064b64271f..8841ac054c 100755 --- a/examples/saml/post-with-signature/pom.xml +++ b/examples/saml/post-with-signature/pom.xml @@ -2,16 +2,13 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> 4.0.0 - org.picketlink.quickstarts - picketlink-federation-saml-sp-post-with-signature - 2.7.0.Beta2 + org.keycloak.examples + saml-post-signatures + 1.6.0.Final-SNAPSHOT war - PicketLink Quickstart: picketlink-federation-saml-sp-post-with-signature - PicketLink Quickstart: PicketLink Service Provider With a Basic Configuration using SAML HTTP POST Binding With Signature Support - - http://www.picketlink.org + Keycloak SAML Adapter Example POST Binding and Signatures 
@@ -21,104 +18,24 @@ - - - 2.7.0.Beta2 - - - jboss-eap - - - 3.1 - - 2.8.1 - - 7.4.Final - - 2.1.1 - - 1.0.1.Final - - 1.6 - 1.6 - - ${project.artifactId} - - - src/main/resources - - - ../post-basic/src/main/resources - - - - org.apache.maven.plugins - maven-deploy-plugin - ${version.deploy.plugin} - - true - - - - maven-war-plugin - ${version.war.plugin} - - - false - - - ${target.container} - - - - - src/main/webapp - - - ../post-basic/src/main/webapp - - - ${basedir}/conf/${target.container} - - - - - org.jboss.as.plugins jboss-as-maven-plugin - ${version.jboss.maven.plugin} - ${project.build.finalName}-${target.container}.${project.packaging} + false + + + + org.wildfly.plugins + wildfly-maven-plugin + + false - - - - wildfly - - wildfly - - - - - org.wildfly.plugins - wildfly-maven-plugin - ${version.wildfly.maven.plugin} - - ${project.build.finalName}-${target.container}.${project.packaging} - - - - - - - \ No newline at end of file diff --git a/examples/saml/post-with-signature/remove-security-domain.cli b/examples/saml/post-with-signature/remove-security-domain.cli deleted file mode 100644 index 9487613e2c..0000000000 --- a/examples/saml/post-with-signature/remove-security-domain.cli +++ /dev/null @@ -1,13 +0,0 @@ -# Batch script to remove the quickstart-domain security domain from the JBoss server - -# Start batching commands -batch - -# Remove the security domain -/subsystem=security/security-domain=sp:remove - -# Run the batch commands -run-batch - -# Reload the server configuration -:reload \ No newline at end of file diff --git a/examples/saml/post-with-signature/src/main/webapp/WEB-INF/keycloak-saml.xml b/examples/saml/post-with-signature/src/main/webapp/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..875d52c57a --- /dev/null +++ b/examples/saml/post-with-signature/src/main/webapp/WEB-INF/keycloak-saml.xml @@ -0,0 +1,45 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file 
diff --git a/examples/saml/post-with-signature/src/main/resources/keystore.jks b/examples/saml/post-with-signature/src/main/webapp/WEB-INF/keystore.jks similarity index 100% rename from examples/saml/post-with-signature/src/main/resources/keystore.jks rename to examples/saml/post-with-signature/src/main/webapp/WEB-INF/keystore.jks diff --git a/examples/saml/post-with-signature/src/main/webapp/WEB-INF/picketlink.xml b/examples/saml/post-with-signature/src/main/webapp/WEB-INF/picketlink.xml deleted file mode 100755 index 05293a5ca0..0000000000 --- a/examples/saml/post-with-signature/src/main/webapp/WEB-INF/picketlink.xml +++ /dev/null @@ -1,31 +0,0 @@ - - - ${idp-sig.url::http://localhost:8080/auth/realms/saml-demo/protocol/saml} - - ${sales-post-sig.url::http://localhost:8080/sales-post-sig/} - - - - - - - - - - - - - - - - - - - diff --git a/examples/saml/post-with-signature/src/main/webapp/WEB-INF/web.xml b/examples/saml/post-with-signature/src/main/webapp/WEB-INF/web.xml new file mode 100755 index 0000000000..8971257885 --- /dev/null +++ b/examples/saml/post-with-signature/src/main/webapp/WEB-INF/web.xml @@ -0,0 +1,50 @@ + + + + sales-post-sig + + + + + SALES Application + /* + + + manager + + + + + + + freezone + /freezone/* + + + images + /images/* + + + css + /css/* + + + + + + KEYCLOAK-SAML + Tomcat SALES Application + + /jsp/login.jsp + /jsp/loginerror.jsp + + + + + + The role that is required to log in to the Manager Application + manager + + diff --git a/examples/saml/redirect-basic/src/main/webapp/css/idp.css b/examples/saml/post-with-signature/src/main/webapp/css/idp.css old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/redirect-basic/src/main/webapp/css/idp.css rename to examples/saml/post-with-signature/src/main/webapp/css/idp.css 
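Review bot: The new web.xml sets the auth method to `KEYCLOAK-SAML` but still appears to carry a form-login block pointing at `/jsp/login.jsp` and `/jsp/loginerror.jsp`, and nothing visible in this commit adds those pages under post-with-signature. The realm name `Tomcat SALES Application` and the role description mentioning the "Manager Application" also look like leftovers from the earlier Picketlink sample. The element markup is not visible here, so this is inferred from the remaining text. If the SAML adapter does not use the form pages, drop that block, or add a comment such as `<!-- form-login-config is ignored by KEYCLOAK-SAML; kept only for ... -->`. It would also help to comment which of the `/freezone/*`, `/images/*` and `/css/*` constraints are intentionally left without a role requirement, so readers copying the example know what is public.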
diff --git a/examples/saml/redirect-basic/src/main/webapp/error.jsp b/examples/saml/post-with-signature/src/main/webapp/error.jsp old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/redirect-basic/src/main/webapp/error.jsp rename to examples/saml/post-with-signature/src/main/webapp/error.jsp diff --git a/examples/saml/redirect-basic/src/main/webapp/favicon.ico b/examples/saml/post-with-signature/src/main/webapp/favicon.ico old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/redirect-basic/src/main/webapp/favicon.ico rename to examples/saml/post-with-signature/src/main/webapp/favicon.ico diff --git a/examples/saml/redirect-basic/src/main/webapp/images/bkg.gif b/examples/saml/post-with-signature/src/main/webapp/images/bkg.gif old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/redirect-basic/src/main/webapp/images/bkg.gif rename to examples/saml/post-with-signature/src/main/webapp/images/bkg.gif diff --git a/examples/saml/post-with-signature/src/main/webapp/images/keycloak_default_banner-1180px.png b/examples/saml/post-with-signature/src/main/webapp/images/keycloak_default_banner-1180px.png new file mode 100755 index 0000000000..10ef213a75 Binary files /dev/null and b/examples/saml/post-with-signature/src/main/webapp/images/keycloak_default_banner-1180px.png differ diff --git a/examples/saml/redirect-basic/src/main/webapp/images/rh_bg.png b/examples/saml/post-with-signature/src/main/webapp/images/rh_bg.png old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/redirect-basic/src/main/webapp/images/rh_bg.png rename to examples/saml/post-with-signature/src/main/webapp/images/rh_bg.png diff --git a/examples/saml/post-with-signature/src/main/webapp/index.jsp b/examples/saml/post-with-signature/src/main/webapp/index.jsp new file mode 100755 index 0000000000..cae2feac02 --- /dev/null +++ b/examples/saml/post-with-signature/src/main/webapp/index.jsp @@ -0,0 +1,15 @@ +
+

SalesTool

+
+Welcome to the Sales Tool, <%=request.getUserPrincipal().getName()%> +
+ Click to LogOut +
+
+Here is your sales chart: +
+ + +
+ +
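Review bot: The welcome line prints `<%=request.getUserPrincipal().getName()%>` with a raw JSP expression, so the principal name reaches the page without HTML encoding. In this example the name is presumably taken from the SAML assertion issued by the identity provider, so the page trusts whatever characters that value carries. Because quickstart pages get copied into real applications, encode on output, for example `<c:out value="${pageContext.request.userPrincipal.name}"/>` with the JSTL core taglib declared at the top of the file. The expression also assumes a non-null principal, which holds only while the `/*` security constraint in web.xml covers index.jsp; a one-line comment saying so would help.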
diff --git a/examples/saml/post-with-signature/src/main/webapp/logout.jsp b/examples/saml/post-with-signature/src/main/webapp/logout.jsp new file mode 100755 index 0000000000..46124debfb --- /dev/null +++ b/examples/saml/post-with-signature/src/main/webapp/logout.jsp @@ -0,0 +1,43 @@ + + + + + +Keycloak SAML Client Adapter Example Application + + + + + + +
+
+

+ Logged out. Login again. +

+
+
+ + \ No newline at end of file diff --git a/examples/saml/post-with-signature/src/main/webapp/piechart.gif b/examples/saml/post-with-signature/src/main/webapp/piechart.gif new file mode 100755 index 0000000000..57bfe37752 Binary files /dev/null and b/examples/saml/post-with-signature/src/main/webapp/piechart.gif differ diff --git a/examples/saml/redirect-basic/README.md b/examples/saml/redirect-basic/README.md deleted file mode 100755 index 29cf529f3f..0000000000 --- a/examples/saml/redirect-basic/README.md +++ /dev/null 
@@ -1,251 +0,0 @@ -picketlink-federation-saml-sp-redirect-basic: PicketLink Service Provider With a Basic Configuration using SAML HTTP Redirect Binding -=============================== -Author: Pedro Igor -Level: Intermediate -Technologies: PicketLink Federation, SAML v2.0 -Summary: Basic example that demonstrates how to setup an application as a SAML v2.0 Service Provider using SAML HTTP Redirect Binding. -Source: - - -What is it? ------------ - -This example demonstrates Keycloak SAML 2.0 support in conjunction with a servlet secured by Picketlink's SAML SP client. - -WARNING: This example doesn't use signed SAML request and response messages. It's used just for demonstration purpose, but in production -you should always use signed SAML messages as shown in "redirect-with-signature" example. - -Make sure you've set up the Keycloak Server --------------------------------------- -The Keycloak Appliance Distribution comes with a preconfigured Keycloak server (based on Wildfly). You can use it out of -the box to run these demos. So, if you're using this, you can head to Step 2. - -Alternatively, you can install the Keycloak Server onto any EAP 6.x, or Wildfly 8.x server, but there is -a few steps you must follow. - -Obtain latest keycloak-war-dist-all.zip. This distro is used to install Keycloak onto an existing JBoss installation. -This installs the server. - - $ cd ${wildfly.jboss.home}/standalone - $ cp -r ${keycloak-war-dist-all}/deployments . - -To be able to run the demos you also need to install the Keycloak client adapter. For Wildfly: - - $ cd ${wildfly.home} - $ unzip ${keycloak-war-dist-all}/adapters/keycloak-wildfly-adapter-dist.zip - -For JBoss EAP 6.x - - $ cd ${eap.home} - $ unzip ${keycloak-war-dist-all}/adapters/keycloak-eap6-adapter-dist.zip - -For JBoss AS 7.1.1: - - $ cd ${as7.home} - $ unzip ${keycloak-war-dist-all}/adapters/keycloak-as7-adapter-dist.zip - -Unzipping the adapter ZIP only installs the JAR files. 
You must also add the Keycloak Subsystem to the server's -configuration (standalone/configuration/standalone.xml). - - - - - - ... - - - - - ... - - - -Boot Keycloak Server ---------------------------------------- -Where you go to start up the Keycloak Server depends on which distro you installed. - -From appliance: - -``` -$ cd keycloak/bin -$ ./standalone.sh -``` - - -From existing Wildfly/EAP6/AS7 distro - -``` -$ cd ${wildfly.jboss.home}/bin -$ ./standalone.sh -``` - - -Import the Test Realm ---------------------------------------- -Next thing you have to do is import the test realm for the demo. Clicking on the below link will bring you to the -create realm page in the Admin UI. The username/password is admin/admin to login in. Keycloak will ask you to -create a new admin password before you can go to the create realm page. - -[http://localhost:8080/auth/admin/master/console/#/create/realm](http://localhost:8080/auth/admin/master/console/#/create/realm) - -Import the testsaml.json file that is in the saml/ example directory. - -Install Picketlink Modules into App server ------------------------------------------- - -If you are running this example with the Keycloak application distribution, you can skip this step. - -You may have to upgrade your picketlink modules in your JBoss EAP or Wildfly distribution. See Picketlink docs for more details. - -Create the Security Domain for JBoss EAP ---------------- -If you are running this example with the Keycloak application distribution, you can skip this step. - - -These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. - -You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-eap.cli` script provided in the root directory of this quickstart. - -1. 
Before you begin, back up your server configuration file - * If it is running, stop the JBoss server. - * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` - * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. - -2. Start the JBoss server by typing the following: - - For Linux: JBOSS_HOME/bin/standalone.sh - For Windows: JBOSS_HOME\bin\standalone.bat -3. Review the `configure-security-domain-eap.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. - -4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: - - JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-eap.cli - -You should see the following result when you run the script: - - The batch executed successfully - { - "outcome" => "success", - } - - -Create the Security Domain for WildFly ---------------- -If you are running this example with the Keycloak application distribution, you can skip this step. - -These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. - -You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-wildfly.cli` script provided in the root directory of this quickstart. - -1. Before you begin, back up your server configuration file - * If it is running, stop the JBoss server. - * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` - * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. - -2. 
Start the JBoss server by typing the following: - - For Linux: JBOSS_HOME/bin/standalone.sh - For Windows: JBOSS_HOME\bin\standalone.bat -3. Review the `configure-security-domain-wildfly.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. - -4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: - - JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-wildfly.cli - -You should see the following result when you run the script: - - The batch executed successfully - { - "outcome" => "success", - } - - - -Review the Modified Server Configuration for EAP ------------------------------------ -If you are running this example with the Keycloak application distribution, you can skip this step. - -If you want to review and understand newly added XML configuration, stop the JBoss server and open the `JBOSS_HOME/standalone/configuration/standalone.xml` file. - -The following `sp` security-domain was added to the `security` subsystem. - - - - - - - -The configuration above defines a security-domain which will be used by the SP to authenticate users based on a SAML Assertion previously issued by a Identity Provider. - -Review the Modified Server Configuration for WildFly ------------------------------------ -If you are running this example with the Keycloak application distribution, you can skip this step. - -If you are using Wildfly, the security-domain should have the following configuration: - - - - - - - - -SAML SP-Initiated Single Sign-On ------------------------------------ - -The SAML v2.0 specification defines a specific SSO mode called *SP-Initiated SSO*. In this mode, the SSO flow starts at the Service Provider side. 
-Please, take a look at the following documentation for more details: - -1. [SAML v2.0 SP-Initiated SSO](https://docs.jboss.org/author/display/PLINK/SP-Initiated+SSO) - - -Start JBoss Enterprise Application Platform 6 or WildFly with the Web Profile -------------------------- - -1. Open a command line and navigate to the root of the JBoss server directory. -2. The following shows the command line to start the server with the web profile: - - For Linux: JBOSS_HOME/bin/standalone.sh - For Windows: JBOSS_HOME\bin\standalone.bat - - -Build and Deploy the Quickstart -------------------------- - -_NOTE: The following build command assumes you have configured your Maven user settings. If you have not, you must include Maven setting arguments on the command line. See [Build and Deploy the Quickstarts](../README.md#build-and-deploy-the-quickstarts) for complete instructions and additional options._ - -1. Make sure you have started the JBoss Server as described above. -2. Open a command line and navigate to the root directory of this quickstart. -3. Type this command to build and deploy the archive: - - For EAP 6: mvn clean package jboss-as:deploy - For WildFly: mvn -Pwildfly clean package wildfly:deploy - -4. This will deploy `target/picketlink-federation-saml-sp-redirect-basic.war` to the running instance of the server. - - -Access the application ---------------------- - -The application will be running at the following URL: . - -*Note: A Service Provider alone is not very useful without an Identity Provider to authenticate users and issue SAML Assertions. Once you get this application deployed, please take a look at [About the PicketLink Federation Quickstarts](../README.md#about-the-keycloak-saml-quickstarts).* - -Undeploy the Archive --------------------- - -1. Make sure you have started the JBoss Server as described above. -2. Open a command line and navigate to the root directory of this quickstart. -3. 
When you are finished testing, type this command to undeploy the archive: - - For EAP 6: mvn jboss-as:undeploy - For WildFly: mvn -Pwildfly wildfly:undeploy - - -Debug the Application ------------------------------------- - -If you want to debug the source code or look at the Javadocs of any library in the project, run either of the following commands to pull them into your local repository. The IDE should then detect them. - - mvn dependency:sources - mvn dependency:resolve -Dclassifier=javadoc \ No newline at end of file diff --git a/examples/saml/redirect-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml b/examples/saml/redirect-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml deleted file mode 100644 index 7b07a0210b..0000000000 --- a/examples/saml/redirect-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - diff --git a/examples/saml/redirect-basic/conf/jboss-eap/WEB-INF/jboss-web.xml b/examples/saml/redirect-basic/conf/jboss-eap/WEB-INF/jboss-web.xml deleted file mode 100644 index f603c9a068..0000000000 --- a/examples/saml/redirect-basic/conf/jboss-eap/WEB-INF/jboss-web.xml +++ /dev/null @@ -1,16 +0,0 @@ - - - - sp - - - employee - - - - org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator - - diff --git a/examples/saml/redirect-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml b/examples/saml/redirect-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml deleted file mode 100644 index 7b07a0210b..0000000000 --- a/examples/saml/redirect-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - diff --git a/examples/saml/redirect-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension b/examples/saml/redirect-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension deleted file mode 100644 index ffaf42ca71..0000000000 
--- a/examples/saml/redirect-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension +++ /dev/null @@ -1 +0,0 @@ -org.picketlink.identity.federation.bindings.wildfly.sp.SPServletExtension \ No newline at end of file diff --git a/examples/saml/redirect-basic/conf/wildfly/WEB-INF/jboss-web.xml b/examples/saml/redirect-basic/conf/wildfly/WEB-INF/jboss-web.xml deleted file mode 100644 index 309b91b9dc..0000000000 --- a/examples/saml/redirect-basic/conf/wildfly/WEB-INF/jboss-web.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - sp - - - employee - diff --git a/examples/saml/redirect-basic/configure-security-domain-eap.cli b/examples/saml/redirect-basic/configure-security-domain-eap.cli deleted file mode 100644 index 9f9777c4cb..0000000000 --- a/examples/saml/redirect-basic/configure-security-domain-eap.cli +++ /dev/null @@ -1,16 +0,0 @@ -# Batch script to add and configure the quickstart-domain security domain in the JBoss server - -# Start batching commands -batch - -# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. -/subsystem=security/security-domain=sp:add(cache-type=default) -/subsystem=security/security-domain=sp/authentication=classic:add -/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule,flag=required) - -# Run the batch commands -run-batch - -# Reload the server configuration -:reload - diff --git a/examples/saml/redirect-basic/configure-security-domain-wildfly.cli b/examples/saml/redirect-basic/configure-security-domain-wildfly.cli deleted file mode 100644 index 6b65d5e94f..0000000000 --- a/examples/saml/redirect-basic/configure-security-domain-wildfly.cli +++ /dev/null 
@@ -1,16 +0,0 @@
-# Batch script to add and configure the quickstart-domain security domain in the JBoss server
-
-# Start batching commands
-batch
-
-# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user.
-/subsystem=security/security-domain=sp:add(cache-type=default)
-/subsystem=security/security-domain=sp/authentication=classic:add
-/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule,flag=required)
-
-# Run the batch commands
-run-batch
-
-# Reload the server configuration
-:reload
-
diff --git a/examples/saml/redirect-basic/pom.xml b/examples/saml/redirect-basic/pom.xml
deleted file mode 100644
index adacc91eed..0000000000
--- a/examples/saml/redirect-basic/pom.xml
+++ /dev/null
@@ -1,111 +0,0 @@ - - 4.0.0 - - org.picketlink.quickstarts - picketlink-federation-saml-sp-redirect-basic - 2.7.0.Beta2 - - war - - PicketLink Quickstart: picketlink-federation-saml-sp-redirect-basic - PicketLink Quickstart: PicketLink Service Provider With a Basic Configuration using SAML HTTP Redirect Binding - - http://www.picketlink.org - - - - Apache License, Version 2.0 - repo - http://www.apache.org/licenses/LICENSE-2.0.html - - - - - - - 2.7.0.Beta2 - - - jboss-eap - - - 3.1 - - 2.8.1 - - 7.4.Final - - 2.1.1 - - 1.0.1.Final - - 1.6 - 1.6 - - - - - ${project.artifactId} - - - org.apache.maven.plugins - maven-deploy-plugin - ${version.deploy.plugin} - - true - - - - maven-war-plugin - ${version.war.plugin} - - - false - - - ${target.container} - - - - - ${basedir}/conf/${target.container} - - - - - - - org.jboss.as.plugins - jboss-as-maven-plugin - ${version.jboss.maven.plugin} - - ${project.build.finalName}-${target.container}.${project.packaging} - - - - - - - - wildfly - - wildfly - - - - - org.wildfly.plugins - wildfly-maven-plugin - ${version.wildfly.maven.plugin} - - ${project.build.finalName}-${target.container}.${project.packaging} - - - - - - - - \ No newline at end of file diff --git a/examples/saml/redirect-basic/remove-security-domain.cli b/examples/saml/redirect-basic/remove-security-domain.cli deleted file mode 100644 index 9487613e2c..0000000000 --- a/examples/saml/redirect-basic/remove-security-domain.cli +++ /dev/null @@ -1,13 +0,0 @@ -# Batch script to remove the quickstart-domain security domain from the JBoss server - -# Start batching commands -batch - -# Remove the security domain -/subsystem=security/security-domain=sp:remove - -# Run the batch commands -run-batch - -# Reload the server configuration -:reload \ No newline at end of file 
diff --git a/examples/saml/redirect-basic/src/main/webapp/META-INF/jboss-deployment-structure.xml b/examples/saml/redirect-basic/src/main/webapp/META-INF/jboss-deployment-structure.xml deleted file mode 100644 index 7b07a0210b..0000000000 --- a/examples/saml/redirect-basic/src/main/webapp/META-INF/jboss-deployment-structure.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - diff --git a/examples/saml/redirect-basic/src/main/webapp/WEB-INF/picketlink.xml b/examples/saml/redirect-basic/src/main/webapp/WEB-INF/picketlink.xml deleted file mode 100755 index 78e8c938a2..0000000000 --- a/examples/saml/redirect-basic/src/main/webapp/WEB-INF/picketlink.xml +++ /dev/null @@ -1,20 +0,0 @@ - - - ${idp.url::http://localhost:8080/auth/realms/saml-demo/protocol/saml} - ${employee.url::http://localhost:8080/employee/} - - - - - - - - - - \ No newline at end of file diff --git a/examples/saml/redirect-basic/src/main/webapp/images/picketlink-banner-1180px.png b/examples/saml/redirect-basic/src/main/webapp/images/picketlink-banner-1180px.png deleted file mode 100644 index 2509ff4480..0000000000 Binary files a/examples/saml/redirect-basic/src/main/webapp/images/picketlink-banner-1180px.png and /dev/null differ diff --git a/examples/saml/redirect-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml b/examples/saml/redirect-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml deleted file mode 100644 index 7b07a0210b..0000000000 --- a/examples/saml/redirect-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - diff --git a/examples/saml/redirect-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml b/examples/saml/redirect-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml deleted file mode 100644 index 4d1aef2bc1..0000000000 --- a/examples/saml/redirect-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml +++ /dev/null 
@@ -1,16 +0,0 @@ - - - - sp - - - employee-sig - - - - org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator - - diff --git a/examples/saml/redirect-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml b/examples/saml/redirect-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml deleted file mode 100644 index 7b07a0210b..0000000000 --- a/examples/saml/redirect-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - diff --git a/examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension b/examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension deleted file mode 100644 index ffaf42ca71..0000000000 --- a/examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension +++ /dev/null @@ -1 +0,0 @@ -org.picketlink.identity.federation.bindings.wildfly.sp.SPServletExtension \ No newline at end of file diff --git a/examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/jboss-web.xml b/examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/jboss-web.xml deleted file mode 100644 index b6279d9ca1..0000000000 --- a/examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/jboss-web.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - sp - - - employee-sig - diff --git a/examples/saml/redirect-with-signature/configure-security-domain-eap.cli b/examples/saml/redirect-with-signature/configure-security-domain-eap.cli deleted file mode 100644 index 9f9777c4cb..0000000000 --- a/examples/saml/redirect-with-signature/configure-security-domain-eap.cli +++ /dev/null 
@@ -1,16 +0,0 @@
-# Batch script to add and configure the quickstart-domain security domain in the JBoss server
-
-# Start batching commands
-batch
-
-# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user.
-/subsystem=security/security-domain=sp:add(cache-type=default)
-/subsystem=security/security-domain=sp/authentication=classic:add
-/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule,flag=required)
-
-# Run the batch commands
-run-batch
-
-# Reload the server configuration
-:reload
-
diff --git a/examples/saml/redirect-with-signature/configure-security-domain-wildfly.cli b/examples/saml/redirect-with-signature/configure-security-domain-wildfly.cli
deleted file mode 100644
index 6b65d5e94f..0000000000
--- a/examples/saml/redirect-with-signature/configure-security-domain-wildfly.cli
+++ /dev/null
@@ -1,16 +0,0 @@
-# Batch script to add and configure the quickstart-domain security domain in the JBoss server
-
-# Start batching commands
-batch
-
-# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user.
-/subsystem=security/security-domain=sp:add(cache-type=default)
-/subsystem=security/security-domain=sp/authentication=classic:add
-/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule,flag=required)
-
-# Run the batch commands
-run-batch
-
-# Reload the server configuration
-:reload
-
diff --git a/examples/saml/redirect-with-signature/pom.xml b/examples/saml/redirect-with-signature/pom.xml index a17e41d719..55f426b7df 100755 --- a/examples/saml/redirect-with-signature/pom.xml +++ b/examples/saml/redirect-with-signature/pom.xml @@ -2,16 +2,14 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> 4.0.0 - org.picketlink.quickstarts - picketlink-federation-saml-sp-redirect-with-signature - 2.7.0.Beta2 + org.keycloak.examples + saml-redirect-signatures + 1.6.0.Final-SNAPSHOT war - PicketLink Quickstart: picketlink-federation-saml-sp-redirect-with-signature - PicketLink Quickstart: PicketLink Service Provider With a Basic Configuration using SAML HTTP Redirect Binding With Signature Support + Keycloak SAML Adapter Example Redirect Binding with Signatures - http://www.picketlink.org @@ -21,104 +19,26 @@ - - - 2.7.0.Beta2 - - - jboss-eap - - - 3.1 - - 2.8.1 - - 7.4.Final - - 2.1.1 - - 1.0.1.Final - - 1.6 - 1.6 - - ${project.artifactId} - - - src/main/resources - - - ../redirect-basic/src/main/resources - - - - org.apache.maven.plugins - maven-deploy-plugin - ${version.deploy.plugin} - - true - - - - maven-war-plugin - ${version.war.plugin} - - - false - - - ${target.container} - - - - - src/main/webapp - - - ../redirect-basic/src/main/webapp - - - ${basedir}/conf/${target.container} - - - - - org.jboss.as.plugins jboss-as-maven-plugin - ${version.jboss.maven.plugin} - ${project.build.finalName}-${target.container}.${project.packaging} + false + + + + org.wildfly.plugins + wildfly-maven-plugin + + false - - - wildfly - - wildfly - - - - - org.wildfly.plugins - wildfly-maven-plugin - ${version.wildfly.maven.plugin} - - ${project.build.finalName}-${target.container}.${project.packaging} - - - - - - diff --git a/examples/saml/redirect-with-signature/remove-security-domain.cli b/examples/saml/redirect-with-signature/remove-security-domain.cli deleted file mode 100644 index 9487613e2c..0000000000 
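Review bot: Neither plugin entry in the second hunk carries a version any more: the `${version.jboss.maven.plugin}` line is removed from `jboss-as-maven-plugin`, and `wildfly-maven-plugin` is added without one. The markup is stripped on this page and no parent or pluginManagement section is visible in either hunk, so please confirm that an inherited POM pins both versions; if nothing does, Maven uses whatever plugin version it resolves at build time and the example build is not reproducible. In that case keep an explicit `<version>` element on each plugin. The first hunk also hard-codes `1.6.0.Final-SNAPSHOT`, which needs a manual bump at every release unless it is meant to come from a parent.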
--- a/examples/saml/redirect-with-signature/remove-security-domain.cli +++ /dev/null @@ -1,13 +0,0 @@ -# Batch script to remove the quickstart-domain security domain from the JBoss server - -# Start batching commands -batch - -# Remove the security domain -/subsystem=security/security-domain=sp:remove - -# Run the batch commands -run-batch - -# Reload the server configuration -:reload \ No newline at end of file diff --git a/examples/saml/redirect-with-signature/src/main/webapp/WEB-INF/keycloak-saml.xml b/examples/saml/redirect-with-signature/src/main/webapp/WEB-INF/keycloak-saml.xml new file mode 100755 index 0000000000..b658234746 --- /dev/null +++ b/examples/saml/redirect-with-signature/src/main/webapp/WEB-INF/keycloak-saml.xml @@ -0,0 +1,44 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/examples/saml/redirect-with-signature/src/main/resources/keystore.jks b/examples/saml/redirect-with-signature/src/main/webapp/WEB-INF/keystore.jks similarity index 100% rename from examples/saml/redirect-with-signature/src/main/resources/keystore.jks rename to examples/saml/redirect-with-signature/src/main/webapp/WEB-INF/keystore.jks diff --git a/examples/saml/redirect-with-signature/src/main/webapp/WEB-INF/picketlink.xml b/examples/saml/redirect-with-signature/src/main/webapp/WEB-INF/picketlink.xml deleted file mode 100755 index 609b42889e..0000000000 --- a/examples/saml/redirect-with-signature/src/main/webapp/WEB-INF/picketlink.xml +++ /dev/null @@ -1,36 +0,0 @@ - - - ${idp-sig.url::http://localhost:8080/auth/realms/saml-demo/protocol/saml} - - ${employee-sig.url::http://localhost:8080/employee-sig/} - - - - - - - - - - - - - - - - - - - - \ No newline at end of file 
diff --git a/examples/saml/redirect-basic/src/main/webapp/WEB-INF/web.xml b/examples/saml/redirect-with-signature/src/main/webapp/WEB-INF/web.xml old mode 100644 new mode 100755 similarity index 77% rename from examples/saml/redirect-basic/src/main/webapp/WEB-INF/web.xml rename to examples/saml/redirect-with-signature/src/main/webapp/WEB-INF/web.xml index d1b8e114c5..96ac722212 --- a/examples/saml/redirect-basic/src/main/webapp/WEB-INF/web.xml +++ b/examples/saml/redirect-with-signature/src/main/webapp/WEB-INF/web.xml @@ -1,13 +1,11 @@ - + + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" + version="3.0"> - PicketLink Employee Service Provider + employee-sig - PicketLink Service Provider With a Basic Configuration using SAML HTTP Redirect Binding - - + EMPLOYEE Application @@ -36,7 +34,7 @@ - FORM + KEYCLOAK-SAML Tomcat SALES Application /jsp/login.jsp diff --git a/examples/saml/redirect-basic/src/main/webapp/careermap.jpg b/examples/saml/redirect-with-signature/src/main/webapp/careermap.jpg old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/redirect-basic/src/main/webapp/careermap.jpg rename to examples/saml/redirect-with-signature/src/main/webapp/careermap.jpg diff --git a/examples/saml/redirect-with-signature/src/main/webapp/css/idp.css b/examples/saml/redirect-with-signature/src/main/webapp/css/idp.css new file mode 100755 index 0000000000..afb49ea942 --- /dev/null +++ b/examples/saml/redirect-with-signature/src/main/webapp/css/idp.css 
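Review bot: The old form-login settings appear to survive the auth-method switch in the second web.xml hunk: the context lines right after `KEYCLOAK-SAML` still read `Tomcat SALES Application` and `/jsp/login.jsp`. The element tags are stripped on this page, so I am inferring that these are the realm name and the form-login page inside the same login-config block, which continues outside the hunk. With the SAML adapter handling authentication, a form login page is as far as I can tell unused, and leftover entries in a quickstart tend to be copied into real deployments where they confuse later reviews of the authentication setup. I would drop the form-login block and rename the realm to match the employee-sig application, or at least add `<!-- form-login-config is not used with auth-method KEYCLOAK-SAML -->`.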
@@ -0,0 +1,78 @@
+/*
+ ~ JBoss, Home of Professional Open Source.
+ ~ Copyright (c) 2011, Red Hat, Inc., and individual contributors
+ ~ as indicated by the @author tags. See the copyright.txt file in the
+ ~ distribution for a full listing of individual contributors.
+ ~
+ ~ This is free software; you can redistribute it and/or modify it
+ ~ under the terms of the GNU Lesser General Public License as
+ ~ published by the Free Software Foundation; either version 2.1 of
+ ~ the License, or (at your option) any later version.
+ ~
+ ~ This software is distributed in the hope that it will be useful,
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ ~ Lesser General Public License for more details.
+ ~
+ ~ You should have received a copy of the GNU Lesser General Public
+ ~ License along with this software; if not, write to the Free
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+body {
+ background: url(images/rh_bg.png) repeat-x scroll 0 0 #F3F3F3;
+ color: #555555;
+ font: 12px/1.4 "Lucida Sans Unicode", "Lucida Grande", sans-serif;
+}
+
+.loginBox {
+ position:absolute;
+ top: 50%;
+ left: 50%;
+ width:30em;
+ height:3em;
+ margin-top: -9em; /*set to a negative number 1/2 of your height*/
+ margin-left: -15em; /*set to a negative number 1/2 of your width*/
+ border: 1px solid #ccc;
+ background-color: #f3f3f3;
+}
+
+.wrapper {
+ margin-left: auto;
+ margin-right: auto;
+ width: 50em;
+ text-align: left;
+}
+
+a {
+ text-decoration: none;
+ color: #5e8a9a;
+}
+
+h1 {
+ padding-top: 20px;
+ color: #7b1e1e;
+}
+
+a:hover {
+ text-decoration: underline;
+ color: #8ec6d9;
+}
+
+.content {
+ margin-left: 230px;
+}
+
+.dualbrand {
+ padding-top: 20px;
+}
+
+.as7 {
+ float: left;
+ margin-left: 10px;
+}
+
+.note {
+ font-size: 8pt;
+ color: #aaaaaa;
+}
\ No newline at end of file
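Review bot: The `url(images/rh_bg.png)` in the `body` rule resolves relative to the stylesheet, i.e. to `css/images/rh_bg.png`, while this commit adds the image at `src/main/webapp/images/rh_bg.png`. Unless a copy also lives under `css/images/`, the background request will fail with a 404; `background: url(../images/rh_bg.png) repeat-x scroll 0 0 #F3F3F3;` points at the file the commit actually ships. Separately, the `.loginBox` comments say the negative margins are half the box size, but `margin-top: -9em` sits next to `height:3em`, so either the height or the comment is stale.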
diff --git a/examples/saml/post-basic/src/main/webapp/logout.jsp b/examples/saml/redirect-with-signature/src/main/webapp/error.jsp old mode 100644 new mode 100755 similarity index 89% rename from examples/saml/post-basic/src/main/webapp/logout.jsp rename to examples/saml/redirect-with-signature/src/main/webapp/error.jsp index 05ef7d3596..f744399826 --- a/examples/saml/post-basic/src/main/webapp/logout.jsp +++ b/examples/saml/redirect-with-signature/src/main/webapp/error.jsp @@ -24,19 +24,18 @@ PicketLink Example Application - -

- Logout in progress. You will be redirected to the Login Page. + The Service Provider could not process the request.

diff --git a/examples/saml/redirect-with-signature/src/main/webapp/favicon.ico b/examples/saml/redirect-with-signature/src/main/webapp/favicon.ico new file mode 100755 index 0000000000..c31d0fa862 Binary files /dev/null and b/examples/saml/redirect-with-signature/src/main/webapp/favicon.ico differ diff --git a/examples/saml/redirect-with-signature/src/main/webapp/images/bkg.gif b/examples/saml/redirect-with-signature/src/main/webapp/images/bkg.gif new file mode 100755 index 0000000000..523877c087 Binary files /dev/null and b/examples/saml/redirect-with-signature/src/main/webapp/images/bkg.gif differ diff --git a/examples/saml/redirect-with-signature/src/main/webapp/images/keycloak_default_banner-1180px.png b/examples/saml/redirect-with-signature/src/main/webapp/images/keycloak_default_banner-1180px.png new file mode 100755 index 0000000000..10ef213a75 Binary files /dev/null and b/examples/saml/redirect-with-signature/src/main/webapp/images/keycloak_default_banner-1180px.png differ diff --git a/examples/saml/redirect-with-signature/src/main/webapp/images/rh_bg.png b/examples/saml/redirect-with-signature/src/main/webapp/images/rh_bg.png new file mode 100755 index 0000000000..b0e6a006d0 Binary files /dev/null and b/examples/saml/redirect-with-signature/src/main/webapp/images/rh_bg.png differ diff --git a/examples/saml/redirect-basic/src/main/webapp/index.jsp b/examples/saml/redirect-with-signature/src/main/webapp/index.jsp old mode 100644 new mode 100755 similarity index 100% rename from examples/saml/redirect-basic/src/main/webapp/index.jsp rename to examples/saml/redirect-with-signature/src/main/webapp/index.jsp diff --git a/examples/saml/redirect-basic/src/main/webapp/logout.jsp b/examples/saml/redirect-with-signature/src/main/webapp/logout.jsp old mode 100644 new mode 100755 similarity index 97% rename from examples/saml/redirect-basic/src/main/webapp/logout.jsp rename to examples/saml/redirect-with-signature/src/main/webapp/logout.jsp index 05ef7d3596..fb8aef0a9b 
--- a/examples/saml/redirect-basic/src/main/webapp/logout.jsp +++ b/examples/saml/redirect-with-signature/src/main/webapp/logout.jsp @@ -30,7 +30,7 @@ -