Running an STS Client¶
The following sample demonstrates the steps required to run a Security Token Service (STS) client. The STS provides the service of issuing a security token to authenticate a user for your client application, using WS-Trust protocols.
The WS-Trust STS needs to be configured. You can do this by following the instructions found here.
Running the STS client¶
The code for the sample can be checked out from the GitHub repository.
Once downloaded the identity server samples, go inside to
IS-SAMPLES/modules/samples/sts/sts-clientdirectory to build the STS client.
When running the sts-client sample it sends the username and password that is defined in the
IS-SAMPLES/modules/samples/sts/sts-client/src/main/resources/client.propertiesfile. WSO2 Identity Server authenticates if the user is in the system and if the user is in the system a token is sent to the requesting party, which is the sts-client application in this case.
The default username and password defined are that of the default super administrator. You can change it accordingly.
Build the client using
Once the client is built successfully, run the
sts-client.shfile in Unix or
sts-client.batin Windows. You can see that the SAML token issued from the STS is being printed by the client.
The "connection refuse" error occurs in a situation where the STS client attempts to send the received SAML token to a service that is not running in this case.
Request and response messages to and from the STS¶