I am going to address the server that you need to have SSO configured as 'Carbon Server' and just by following the below 2 steps you can configure SSO in your carbon server with WSO2 IS.
1. Configure your carbon server to enable SSO
All the required configuration to have SSO in your carbon server are in Carbon server/repository/conf/security/authenticators.xml
- Enable SSOAuthenticator in authenticators.xml
( 1 ) Set disabled="false"
( 2 ) This should be unique to your carbon server. You will need this value when configuring IS too.
- Start your carbon server with an offset ( offset can be configured in carbon.xml)
2. Register a service provider in IS side
- Start IS in default port ( 9443 ) and log in
- Follow Main > Manage > SAML SSO > Register New Service Provider
- Add the unique identifier ( 2 ) as the Issuer
- Provide Assertion Consumer URL with your carbon server info as https://[host name]:[port]
/acs - Tick on Enable Response Signing and Enable Assertion Signing
- Click on "Register"
Now you are done. You can simply try to log into your carbon server with SSO.
To verify
- Try to access https://[host name]:[port]/carbon
- This will direct you to the authentication endpoint of IdentityProviderSSOServiceURL specified in authenticators.xml
( here https://localhost:9443/authenticationendpoint )
- Give the credentials and hit Sign in
- You will be logged in to your carbon server
To verify
- Try to access https://[host name]:[port]/carbon
- This will direct you to the authentication endpoint of IdentityProviderSSOServiceURL specified in authenticators.xml
( here https://localhost:9443/authenticationendpoint )
- Give the credentials and hit Sign in
- You will be logged in to your carbon server
No comments:
Post a Comment