The responsibility of the inbound authenticators component is to identify and parse all the incoming authentication requests and then build the corresponding response. A given inbound authenticator has two parts.

  • Request Processor
  • Response Builder

For each protocol supported by the WSO2 Identity Server, there should be an inbound authenticator. The Identity Server includes inbound authenticators for SAML 2.0, OpenID, OpenID Connect, OAuth 2.0, Kerberos KDC, WS-Trust STS and WS-Federation (passive). For example, the SAML 2.0 request processor accepts a SAML request from a service provider, validates it, builds a common object model understood by the authentication framework, and hands the request over to the framework. The SAML response builder accepts a common object model from the authentication framework and builds a SAML response out of it.

Both the request processors and the response builders are protocol aware, while the authentication framework is not coupled to any protocol. See Architecture for more information on the complete flow where inbound authenticators come into play.
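
The split described above, sketched as an added example (not WSO2 Identity Server code): a SAML request processor validates an already decoded AuthnRequest and emits a protocol-neutral object, and a response builder turns the framework's neutral result back into a SAML Response skeleton. The names `AuthRequest`, `AuthResult`, `REGISTERED_SPS` and the three functions are hypothetical, and the sample request and service provider URLs are constructed.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
REGISTERED_SPS = {"https://sp.example.com": {"https://sp.example.com/acs"}}  # constructed

@dataclass
class AuthRequest:  # hypothetical protocol-neutral model handed to the framework
    client_id: str
    reply_to: str
    correlation_id: str

@dataclass
class AuthResult:  # hypothetical protocol-neutral outcome from the framework
    request: AuthRequest
    subject: str

def saml_request_processor(xml_text: str) -> AuthRequest:
    """Protocol-aware side: validate the AuthnRequest, emit the neutral model."""
    if "<!DOCTYPE" in xml_text:  # refuse DTDs, so no entity declarations
        raise ValueError("DTD not allowed in a SAML message")
    root = ET.fromstring(xml_text)
    issuer = (root.findtext(f"{{{SAML}}}Issuer") or "").strip()
    acs = root.get("AssertionConsumerServiceURL", "")
    if root.tag != f"{{{SAMLP}}}AuthnRequest" or not root.get("ID"):
        raise ValueError("not a SAML 2.0 AuthnRequest with an ID")
    # Reply only to a URL the issuing service provider registered in advance.
    if acs not in REGISTERED_SPS.get(issuer, set()):
        raise ValueError("unknown issuer or unregistered ACS URL")
    return AuthRequest(issuer, acs, root.get("ID"))

def authentication_framework(req: AuthRequest) -> AuthResult:
    """Protocol-agnostic side: sees only AuthRequest; subject is a fixed constructed value."""
    return AuthResult(req, subject="alice")

def saml_response_builder(result: AuthResult) -> str:
    """Protocol-aware side: neutral result to SAML Response skeleton (signing omitted)."""
    resp = ET.Element(f"{{{SAMLP}}}Response", InResponseTo=result.request.correlation_id,
                      Destination=result.request.reply_to)
    subject = ET.SubElement(ET.SubElement(resp, f"{{{SAML}}}Assertion"),
                            f"{{{SAML}}}Subject")
    ET.SubElement(subject, f"{{{SAML}}}NameID").text = result.subject
    return ET.tostring(resp, encoding="unicode")

SAMPLE_REQUEST = (  # constructed, already decoded AuthnRequest
    f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" ID="_req123" '
    'AssertionConsumerServiceURL="https://sp.example.com/acs">'
    '<saml:Issuer>https://sp.example.com</saml:Issuer></samlp:AuthnRequest>')
```

Only the processor and the builder reference SAML namespaces; `authentication_framework` would work unchanged behind a processor for another protocol that produces the same `AuthRequest`.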

You can configure the following for inbound authentication.

  • SAML2 Web SSO Configuration: see Configuring SAML2 Web Single-Sign-On
  • OAuth/OpenID Connect Configuration: see Configuring OAuth2-OpenID Connect Single-Sign-On
  • OpenID Configuration: see Configuring OpenID Single-Sign-On
  • WS-Federation (Passive) Configuration: see Configuring WS-Federation Single Sign-On
  • WS-Trust Security Token Service Configuration: see Configuring WS-Trust STS

Related Topics

See Single Sign-On for details on configuring single sign-on for a service provider using inbound authentication. See the following topics for samples of configuring single sign-on: