Enterprise Open Source Directory

Posted on November 27, 2011 by mrepusic

The website Enterprise Open Source Directory (in short EOS directory) has been relaunched.

From their “about” site: “The Open Source Business Foundation (OSBF) is a nonprofit organization with the aim of promoting the use of open source software in the business environment.

An essential part of these activities is to maintain a reliable, trustworthy and at all times neutral source of information for users and businesses alike, providing them with info on open source products and projects, development companies and specialized open source service providers. To this end, OSBF acquired the Enterprise Open Source Directory (EOS), a well-known online community database.

Posted in Programming | Tagged | Leave a comment

Generating tag coulds with wordle.com

Posted on September 11, 2011 by mrepusic

The website http://www.wordle.net/ lets you create your own tag clouds. You can insert text and let analyse it, post a link to your delicious account (http://www.delicious.com/) or …
It’s a nice tool, if you just started using tags or tag clouds. Visualization is always key to understanding.

I found the following video, which shows the use of wordle.net:

Posted in collaboration | Tagged | Leave a comment

Easy ubuntu install for bitcoin

Posted on August 30, 2011 by mrepusic
  1. Open a terminal
  2. type:
    sudo apt-add-repository ppa:stretch/bitcoin
    (This will add ppa:stretch/bitcoin to your repositories, to access to the bitcoin repository.)

    sudo apt-get update
    sudo apt-get install bitcoin

  3. Run application (Alt-F2 will open the application launcher, then type bitcoin)
Posted in Uncategorized | Tagged | Leave a comment

Ant: Specified VM install not found

Posted on August 23, 2011 by mrepusic

If you get the following error after executing a ant task, your lunch configurations are most likely faulty.

“Specified VM install not found”

This happens sometimes, when you upgrade the ant plugin in eclipse.

The fix is pretty easy. Just navigate to:

[Your Workspace]\.metadata\.plugins\org.eclipse.debug.core\.launches

Here you will find your run-/debug-configurations. Delete them and restart eclipse.

That’s it.

Posted in Ant, Eclipse | Leave a comment

How does one use a usernametoken (with picketlink sts) in a jboss?

Posted on August 4, 2011 by mrepusic

The picketlink documentation http://community.jboss.org/wiki/PicketLinkSecurityTokenService didn’t work in a JBOSS 5.1. The problem lies in:

Object username = sharedState.get("javax.security.auth.login.name");

This always returned null, if you tried to supply the credentials as a usernametoken instead of a basic authentication.
You can also use the following sollution, if you just want to use the usernametoken without picketlink.

Here is a example WS-Trust request:

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>username</wsse:Username>
<wsse:Password>password</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<S:Body>
<ns4:RequestSecurityTokenCollection xmlns="http://www.w3.org/2005/08/addressing" xmlns:ns2="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:ns3="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:ns4="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:ns5="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:ns6="http://www.w3.org/2000/09/xmldsig#">
<ns4:RequestSecurityToken>
<ns4:TokenType>http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-secext-1.0.xsd/UsernameToken</ns4:TokenType>
<ns4:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/BatchIssue</ns4:RequestType>
</ns4:RequestSecurityToken>
</ns4:RequestSecurityTokenCollection>
</S:Body>
</S:Envelope>

After a while I stumpled upton this JIRA issue: https://issues.jboss.org/browse/JBWS-2833

Here’s my working setup:

jboss-web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.4//EN" "http://www.jboss.org/j2ee/dtd/jboss-web_4_0.dtd">

<jboss-web>
<security-domain>java:/jaas/mySecurityDomain</security-domain>
</jboss-web>

jboss-wsse-server.xml:

<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
<config>
<username/>
<authenticate>
<usernameAuth/>
</authenticate>
</config>
</jboss-ws-security>

standard-jaxws-endpoint-config.xml:

<?xml version="1.0" encoding="UTF-8"?>
<jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="urn:jboss:jaxws-config:2.0 jaxws-config_2_0.xsd">
<endpoint-config>
<config-name>Standard WSSecurity Endpoint</config-name>
<post-handler-chains>
<javaee:handler-chain>
<javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings>
<javaee:handler>
<javaee:handler-name>WSSecurity Handler</javaee:handler-name>
<javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class>
</javaee:handler>
</javaee:handler-chain>
</post-handler-chains>
</endpoint-config>
</jaxws-config>

Here is an example for the (EJB based) Webservice:

import javax.ejb.Stateless;
import javax.xml.transform.Source;
import javax.xml.ws.Provider;
import javax.xml.ws.Service;
import javax.xml.ws.ServiceMode;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.WebServiceProvider;

import org.apache.log4j.Logger;
import org.jboss.ejb3.annotation.SecurityDomain;
import org.jboss.wsf.spi.annotation.WebContext;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.wstrust.PicketLinkSTS;
import org.picketlink.identity.federation.core.wstrust.WSTrustException;
import org.picketlink.identity.federation.core.wstrust.WSTrustJAXBFactory;
import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;

import org.jboss.ws.annotation.EndpointConfig;

@Stateless
@WebServiceProvider(serviceName = "PicketLinkSTS", portName = "PicketLinkSTSPort", targetNamespace = "urn:picketlink:identity-federation:sts", wsdlLocation = "META-INF/wsdl/PicketLinkSTS.wsdl")
@ServiceMode(value = Service.Mode.PAYLOAD)
@WebContext( contextRoot="/myContextRoot/sts",urlPattern="/myUrlPattern/sts")
@SecurityDomain(value="mySecurityDomain")
@EndpointConfig(configName = "Standard WSSecurity Endpoint")
//@RolesAllowed("myAllowedRole")
public class MyPicketLinkSTS extends PicketLinkSTS implements Provider<Source>{

@Override
public Source invoke(Source request)
{
...
}
}

You can find the annotation @EndpointConfig in the following maven dependency:

<?xml version="1.0" encoding="UTF-8"?>
<dependency>
  <groupId>org.jboss.ws.native</groupId>
  <artifactId>jbossws-native-core</artifactId>
  <version>3.1.2.SP3</version>
  <scope> provided </scope>
</dependency>

That’s it. With this I was able to use the credentials form the usernametoken to authenticate against my custom security domain.
Leave a comment, if you have a question.

Posted in JAVA, JBOSS, Programming, Security | Tagged | Leave a comment

Hello world!

Posted on March 26, 2011 by mrepusic

Now on a fresh new dedicated server.

Posted in Real life | Leave a comment