wso2 - SAML 2.0 protocol exposed as Web Service -


i want implement sso system saml 2.0 protocol using wso2 identity provider. i've analyzed sso sample https://docs.wso2.com/display/is500/configuring+single+sign-on+with+saml+2.0 learn how implement service provider side generate saml 2.0 authentication request. afaik ways implement saml sp using either openam, opensaml or shibboleth. methods require programming knowledge service provider implement it.

thus question: there web admin service in wso2 ease implementation of saml sp? i've find out saml2ssoauthenticationservice.wsdl i'm not sure how works , whether need other admin services in order implement desired solution.

you can use https://localhost:9443/services/identityapplicationmanagementservice admin service createapplication method create service provider.

or can create service provider using configuration files.

please follow setps below

1) open /repository/conf/security/sso-idp-config.xml file , add following configuration it. adds travelocity application service provider.

<serviceprovider>     <issuer>travelocity.com</issuer>     <assertionconsumerservice>http://localhost:8080/travelocity.com/home.jsp</assertionconsumerservice>     <signassertion>false</signassertion>     <signresponse>false</signresponse>     <enableattributeprofile>true</enableattributeprofile>     <includeattributebydefault>true</includeattributebydefault>     <enablesinglelogout>true</enablesinglelogout>     <claims>         <claim>http://wso2.org/claims/givenname</claim>     </claims>     <logouturl></logouturl>     <enableaudiencerestriction>false</enableaudiencerestriction>     <consumingserviceindex>2104589</consumingserviceindex> </serviceprovider>

2) create file named travelocity.com.xml in /repository/conf/identity/service-providers directory

3) add following configurations travelocity.com.xml file created. adds necessary saml configurations travelocity service provider

<serviceprovider>     <applicationid>3</applicationid>     <applicationname>travelocity.com</applicationname>     <description>travelocity service provider</description>     <issaasapp>true</issaasapp>     <inboundauthenticationconfig>         <inboundauthenticationrequestconfigs>             <inboundauthenticationrequestconfig>                 <inboundauthkey>travelocity.com</inboundauthkey>                 <inboundauthtype>samlsso</inboundauthtype>                 <properties></properties>             </inboundauthenticationrequestconfig>         </inboundauthenticationrequestconfigs>     </inboundauthenticationconfig>      <localandoutboundauthenticationconfig>         <authenticationsteps>             <authenticationstep>                 <steporder>1</steporder>                 ­­<localauthenticatorconfigs>                     <localauthenticatorconfig>                         <name>basicauthenticator</name>                         <displayname>basicauth</displayname>                         <isenabled>true</isenabled>                     </localauthenticatorconfig>                 </localauthenticatorconfigs>­­>                 <federatedidentityproviders>                     <identityprovider>                         <identityprovidername>identityprovideridp_is</identityprovidername>                         <isenabled>true</isenabled>                         <defaultauthenticatorconfig>                             <federatedauthenticatorconfig>                                 <name>samlssoauthenticator</name>                                 <displayname>samlsso</displayname>                                 <isenabled>true</isenabled>                             </federatedauthenticatorconfig>                         </defaultauthenticatorconfig>                     </identityprovider>                 </federatedidentityproviders>                 <subjectstep>true</subjectstep>                 <attributestep>true</attributestep>             </authenticationstep>         </authenticationsteps>     </localandoutboundauthenticationconfig>     <requestpathauthenticatorconfigs></requestpathauthenticatorconfigs>     <inboundprovisioningconfig></inboundprovisioningconfig>     <outboundprovisioningconfig></outboundprovisioningconfig>     <claimconfig>         <alwayssendmappedlocalsubjectid>true</alwayssendmappedlocalsubjectid>         <localclaimdialect>true</localclaimdialect><claimmappings><claimmapping><localclaim><claimuri>http://wso2.org/claims/givenname</claimuri></localclaim><remoteclaim><claimuri>http://wso2.org/claims/givenname</claimuri>claimuri></remoteclaim><requestclaim>true</requestclaim></claimmapping></claimmappings></claimconfig>         <permissionandroleconfig></permissionandroleconfig> </serviceprovider>

please refer link more details [1] https://docs.wso2.com/display/is500/adding+a+service+provider+and+identity+provider+using+configuration+files


Comments

Post a Comment

Popular posts from this blog

Magento/PHP - Get phones on all members in a customer group -

i working on custom magento extension. working around adminhtml part , i've created custom form there. here form code: <?php class vivasindustries_smsnotification_block_adminhtml_sms_sendmass_edit_form extends mage_adminhtml_block_widget_form { public function _preparelayout() { $extensionpath = mage::getmoduledir('js', 'vivasindustries_smsnotification'); $head = $this->getlayout()->getblock('head'); $head->addjs('jquery.js'); $head->addjs('vivas.js'); return parent::_preparelayout(); } protected function _prepareform() { $form = new varien_data_form(array( 'id' => 'edit_form', 'action' => $this->geturl('*/*/save', array('id' => $this->getrequest()->get...
Read more

php - Bypass Geo Redirect for specific directories -

i'm trying bypass redirect specific url within site. wondering if might able help. the code below code use, original urls replaces example.com i'd able access http://example.com/admin without redirect occuring. is there way this, , there way using own ip? function country_geo_redirect() { $country = getenv('http_geoip_country_code'); if ($country == "us" ) { wp_redirect("http://usa.example.com/"); exit; } else if ($country == "gb" ) { wp_redirect("http://uk.example.com/"); exit; } } add_action('init', 'country_geo_redirect'); you can bypass redirection code if server found ip address. if ip address == <my ip address> ' nothing here else country_georedirect() end if
Read more

php - .htaccess mod_rewrite for dynamic url which has domain names -

i want convert url ex:( example.com/link.php?url=facebook.com ) ( example.com/facebook.com.php ) how can using .htaccess. or there other process make job easier ? i tried adding script .htaccess file options +followsymlinks rewriteengine on rewriterule url-(.*)\.htm$ link.php?url=$1 but converting url adding "url-" ( example.com/url-facebook.com.php ) i want remove "url-" , want make ( example.com/facebook.com.php ) rewriteengine on rewritecond %{the_request} ^get.*link\.php\?url\= [nc] rewritecond %{request_uri} !/system/.* [nc] rewriterule (.*?)link\.php\?url\=/*(.*) /$1$2 [r=301,ne,l] not sure how above work edit of used use remove index.php url
Read more