cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r820876 - in /websites/production/cxf/content: cache/main.pageCache fediz-idp.html
Date Fri, 08 Jun 2012 20:47:47 GMT
Author: buildbot
Date: Fri Jun  8 20:47:47 2012
New Revision: 820876

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/main.pageCache
    websites/production/cxf/content/fediz-idp.html

Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/fediz-idp.html
==============================================================================
--- websites/production/cxf/content/fediz-idp.html (original)
+++ websites/production/cxf/content/fediz-idp.html Fri Jun  8 20:47:47 2012
@@ -146,7 +146,7 @@ Apache CXF -- Fediz IDP
 
 <p>The Fediz IDP has been tested with Tomcat 6 and 7 but should be able to work with
any commercial JEE application server.</p>
 
-<p>Deploy the WAR files to your Tomcat installation (&lt;catalina.home&gt;/webapps).</p>
+<p>Deploy the WAR files to your Tomcat installation (&lt;catalina.home&gt;/webapps).
 Once done, you should be able to see the Fediz STS from a browser at <a shape="rect" class="external-link"
href="http://localhost:9080/fedizidpsts/STSService?wsdl" rel="nofollow">http://localhost:9080/fedizidpsts/STSService?wsdl</a>,
assuming you're using port 9080 as listed below.</p>
 
 <p>A Relying Party application trusts the IDP/STS component that the IDP authenticated
the browser user. The trust is established based on the certificate/private key used by the
STS to sign the SAML token. The signing certificate is located in <tt>webapps/fediz-idp-sts/WEB-INF/classes/stsstore.jks</tt>.
You must copy this keystore to a location where the Relying Party can reference it in its
<a shape="rect" href="fediz-configuration.html" title="Fediz Configuration">Fediz Configuration</a>
in the element <tt>certificateStores</tt>.</p>
 
@@ -159,7 +159,8 @@ Apache CXF -- Fediz IDP
 
 <h5><a shape="rect" name="FedizIDP-HTTPSconfiguration"></a>HTTPS configuration</h5>
 
-<p>It's recommended to set up a dedicated (separate) Tomcat instance for the IDP. The
Fediz examples use the following TCP ports to interact with the IDP/STS:</p>
+<p>It's recommended to set up a dedicated (separate) Tomcat instance for the IDP. 
 Using one deployment of Tomcat with multiple CATALINA_BASE instances, as described <a
shape="rect" class="external-link" href="http://www.shaunabram.com/multiple-tomcat-instances/"
rel="nofollow">here</a> is one option but note any libs in $CATALINA_HOME/lib folder
will be shared throughout each of the activated CATALINA_BASE instances.  Another probably
simpler alternative is to copy your Tomcat folder into a second location and edit its conf/server.xml
file and change <a shape="rect" class="external-link" href="http://viralpatel.net/blogs/2009/08/running-multiple-instance-apache-tomcat-single-server.html"
rel="nofollow">these port values</a> so they don't conflict with the original Tomcat
installation.  The Fediz examples use the following TCP ports to interact with the IDP/STS:</p>
+
 <ul><li>HTTP port: 9080 (used for Maven deployment, mvn tomcat:redeploy)</li><li>HTTPS
port: 9443 (where IDP and STS are accessed)</li></ul>
 
 
@@ -180,6 +181,25 @@ Apache CXF -- Fediz IDP
 
 <p><b>Production: It's highly recommended to deploy certificates signed by a
Certificate Authority</b></p>
 
+<p>To start and stop this second Tomcat instance, it is perhaps easiest to create small
startup.sh and shutdown.sh scripts that temporarily redefine $CATALINA_HOME from the first
to the second instance, for example:</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-java">
+CATALINA_HOME=/path/to/second/tomcat
+$CATALINA_HOME/bin/startup.sh
+</pre>
+</div></div>
+
+<p>and</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-java">
+CATALINA_HOME=/path/to/second/tomcat
+$CATALINA_HOME/bin/shutdown.sh
+</pre>
+</div></div>
+
+<p>If you're using the one Tomcat with multiple instance option, it's $CATALINA_BASE
that will need to be redefined.</p>
 
 <h5><a shape="rect" name="FedizIDP-Userandpassword"></a>User and password</h5>
 



Mime
View raw message