1. Management Console
2. Admin Services.
3. Configuration Files.
This blog will explain how to deploy a SP using configuration files.
I have used WSO2 IS 5.0.0 and Travelocity web app for this scenario.
Please follow the
steps given below to create service provider using configuration
files.
1.Goto
<IS_HOME>/repository/conf/security/sso-idp-config.xml file and
add the following configuration to it. This adds the travelocity
application as a service provider.
<ServiceProvider>
<Issuer>travelocity.com</Issuer>
<AssertionConsumerService>http://localhost:8080/travelocity.com/home.jsp</AssertionConsumerService>
<SignAssertion>true</SignAssertion>
<SignResponse>true</SignResponse>
<EnableAttributeProfile>true</EnableAttributeProfile>
<IncludeAttributeByDefault>true</IncludeAttributeByDefault>
<EnableSingleLogout>true</EnableSingleLogout>
<Claims>
<Claim>http://wso2.org/claims/givenName</Claim>
</Claims>
<LogoutUrl></LogoutUrl>
<EnableAudienceRestriction>false</EnableAudienceRestriction>
<ConsumingServiceIndex>2104589</ConsumingServiceIndex>
</ServiceProvider>
2. Create a file
named travelocity.com.xml in the
<IS_HOME>/repository/conf/identity/service-providers directory.
3. Add the following
configurations into the travelocity.com.xml file you created. This
adds the necessary SAML configurations to the travelocity service
provider.
<ServiceProvider>
<ApplicationID>3</ApplicationID>
<ApplicationName>travelocity.com</ApplicationName>
<Description>travelocity
Service Provider</Description>
<IsSaaSApp>false</IsSaaSApp>
<InboundAuthenticationConfig>
<InboundAuthenticationRequestConfigs>
<InboundAuthenticationRequestConfig>
<InboundAuthKey>travelocity.com</InboundAuthKey>
<InboundAuthType>samlsso</InboundAuthType>
<Properties></Properties>
</InboundAuthenticationRequestConfig>
</InboundAuthenticationRequestConfigs>
</InboundAuthenticationConfig>
<LocalAndOutBoundAuthenticationConfig>
<AuthenticationSteps>
<AuthenticationStep>
<StepOrder>1</StepOrder>
<LocalAuthenticatorConfigs>
<LocalAuthenticatorConfig>
<Name>BasicAuthenticator</Name>
<DisplayName>basicauth</DisplayName>
<IsEnabled>true</IsEnabled>
</LocalAuthenticatorConfig>
</LocalAuthenticatorConfigs>
<FederatedIdentityProviders>
</FederatedIdentityProviders>
<SubjectStep>true</SubjectStep>
<AttributeStep>true</AttributeStep>
</AuthenticationStep>
</AuthenticationSteps>
</LocalAndOutBoundAuthenticationConfig>
<RequestPathAuthenticatorConfigs></RequestPathAuthenticatorConfigs>
<InboundProvisioningConfig></InboundProvisioningConfig>
<OutboundProvisioningConfig></OutboundProvisioningConfig>
<ClaimConfig>
<AlwaysSendMappedLocalSubjectId>true</AlwaysSendMappedLocalSubjectId>
</ClaimConfig>
<PermissionAndRoleConfig></PermissionAndRoleConfig>
</ServiceProvider>
4. Start the Identity server.
5. Use the
instructions given under “Configuring the SSO web application”
topic in https://docs.wso2.com/display/IS500/Configuring+Single+Sign-On+with+SAML+2.0#ConfiguringSingleSign-OnwithSAML2.0-ConfiguringtheSSOwebapplication to diploy travelocoty sample.
6. Run the sample app.
8. Since you need to use SAML2 for this Sample, click the first link, i.e., Click here to login with SAML from Identity Server. You are redirected to the Identity Server for authentication.
9. Enter the default admin credentials (admin/admin).
10. Now you are logged in and you can see the home page of the travelocity.com app.
No comments:
Post a Comment