Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Open the <SERVICE_PROVIDER_IS_HOME>/repository/conf/identity/sso-idp-config.xml file and add the following configuration to itunder the <SSOIdentityProviderConfig> properties
    <ServiceProviders> tag. This adds the travelocity application as a service provider.

    Code Block
    languagexml
    <ServiceProvider>
        <Issuer>travelocity.com</Issuer>
        <AssertionConsumerServiceURLs>
          <AssertionConsumerServiceURL>http://wso2is.local:8080/travelocity.com/home.jsp</AssertionConsumerServiceURL>
        </AssertionConsumerServiceURLs>
        <DefaultAssertionConsumerServiceURL>http://wso2is.local:8080/travelocity.com/home.jsp</DefaultAssertionConsumerServiceURL>
        <EnableSingleLogout>true</EnableSingleLogout>
        <SLOResponseURL></SLOResponseURL>
        <SLORequestURL></SLORequestURL>
        <SAMLDefaultSigningAlgorithmURI>http://www.w3.org/2000/09/xmldsig#rsa-sha1</SAMLDefaultSigningAlgorithmURI>
        <SAMLDefaultDigestAlgorithmURI>http://www.w3.org/2000/09/xmldsig#sha1</SAMLDefaultDigestAlgorithmURI>
        <SignResponse>true</SignResponse>
        <ValidateSignatures>true</ValidateSignatures>
        <EncryptAssertion>true</EncryptAssertion>
        <CertAlias></CertAlias>
        <EnableAttributeProfile>true</EnableAttributeProfile>
        <IncludeAttributeByDefault>true</IncludeAttributeByDefault>
        <ConsumingServiceIndex>2104589</ConsumingServiceIndex>
        <EnableAudienceRestriction>false</EnableAudienceRestriction>
        <AudiencesList>
          <Audience></Audience>
        </AudiencesList>
        <EnableRecipients>false</EnableRecipients>
        <RecipientList>
          <Recipient></Recipient>
        </RecipientList>
        <EnableIdPInitiatedSSO>false</EnableIdPInitiatedSSO>
        <EnableIdPInitSLO>false</EnableIdPInitSLO>
        <ReturnToURLList>
          <ReturnToURL></ReturnToURL>
        </ReturnToURLList>
    </ServiceProvider>
  2. Create a file named travelocity.com.xml in the <SERVICE_PROVIDER_IS_HOME>/repository/conf/identity/service-providers directory.
  3. Add the following configurations into the travelocity.com.xml file you created. This adds the necessary SAML configurations to the travelocity service provider.

    Note

    If you added the "SHARED_" prefix to the identity provider name when adding the identity provider, replace the  <IdentityProviderName>  value (found under the  <LocalAndOutBoundAuthenticationConfig>  element) in the  travelocity.com.xml  file, with the following value.

    Code Block
    SHARED_identityProviderIDP_IS
    Code Block
    languagexml
    <ServiceProvider>
        <ApplicationID>3</ApplicationID>
        <ApplicationName>travelocity.com</ApplicationName>
        <Description>travelocity Service Provider</Description>
        <IsSaaSApp>true</IsSaaSApp>
        <InboundAuthenticationConfig>
            <InboundAuthenticationRequestConfigs>
                <InboundAuthenticationRequestConfig>
                    <InboundAuthKey>travelocity.com</InboundAuthKey>
                    <InboundAuthType>samlsso</InboundAuthType>
                    <Properties></Properties>
                </InboundAuthenticationRequestConfig>
            </InboundAuthenticationRequestConfigs>
        </InboundAuthenticationConfig>
      
        <LocalAndOutBoundAuthenticationConfig>
        <AuthenticationSteps>
            <AuthenticationStep>
                <StepOrder>1</StepOrder>
                <LocalAuthenticatorConfigs>
                    <LocalAuthenticatorConfig>
                        <Name>BasicAuthenticator</Name>
                        <DisplayName>basicauth</DisplayName>
                        <IsEnabled>true</IsEnabled>
                    </LocalAuthenticatorConfig>
                </LocalAuthenticatorConfigs>>
                <FederatedIdentityProviders>
                    <IdentityProvider>
                        <IdentityProviderName>identityProviderIDP_IS</IdentityProviderName>
                        <IsEnabled>true</IsEnabled>
                        <DefaultAuthenticatorConfig>
                            <FederatedAuthenticatorConfigs>
                                <FederatedAuthenticatorConfig>
                                    <Name>SAMLSSOAuthenticator</Name>
                                    <DisplayName>samlsso</DisplayName>
                                    <IsEnabled>true</IsEnabled>
                                </FederatedAuthenticatorConfig>
                            </FederatedAuthenticatorConfigs>
                        </DefaultAuthenticatorConfig>
                    </IdentityProvider>
                </FederatedIdentityProviders>
                <SubjectStep>true</SubjectStep>
                <AttributeStep>true</AttributeStep>
            </AuthenticationStep>
        </AuthenticationSteps>
    </LocalAndOutBoundAuthenticationConfig>
        <RequestPathAuthenticatorConfigs></RequestPathAuthenticatorConfigs>
        <InboundProvisioningConfig></InboundProvisioningConfig>
        <OutboundProvisioningConfig></OutboundProvisioningConfig>
        <ClaimConfig>
            <AlwaysSendMappedLocalSubjectId>true</AlwaysSendMappedLocalSubjectId>
            <LocalClaimDialect>true</LocalClaimDialect><ClaimMappings><ClaimMapping><LocalClaim><ClaimUri>http://wso2.org/claims/givenname</ClaimUri></LocalClaim><RemoteClaim><ClaimUri>http://wso2.org/claims/givenName</ClaimUri>ClaimUri></RemoteClaim><RequestClaim>true</RequestClaim></ClaimMapping></ClaimMappings></ClaimConfig>    
        <PermissionAndRoleConfig></PermissionAndRoleConfig>
    </ServiceProvider>

...

Panel
titleRelated links

The following links provide additional information that may be relevant when attempting the instructions in this topic.