Page Comparison

Single sign-on (SSO) allows users, who are authenticated against one application, gain access to multiple other related applications as well without having to repeatedly authenticate themselves. It also allows the web applications gain access to a set of back-end services with the logged-in user's access rights, and the back-end services can authorize the user based on different claims like user role.

...

Open <AM_HOME>/repository/conf/datasources/master-datasources.xml file and add the datasource configuration for the relevant database. For example,

Code Block

language	html/xml

<datasource>
     <name>WSO2_UM_DB</name>
     <description>The datasource used for registry and user manager</description>
     <jndiConfig>
              <name>jdbc/WSO2UMDB</name>
     </jndiConfig>
     <definition type="RDBMS">
              <configuration>
                  <url>jdbc:mysql://localhost:3306/410_um_db</url>
                  <username>username</username>
                  <password>password</password>
                  <driverClassName>com.mysql.jdbc.Driver</driverClassName>
                  <maxActive>50</maxActive>
                  <maxWait>60000</maxWait>
                  <testOnBorrow>true</testOnBorrow>
                  <validationQuery>SELECT 1</validationQuery>
                  <validationInterval>30000</validationInterval>
              </configuration>
       </definition>
</datasource>

Note
Place the relevant database driver JAR file in `<AM_HOME>/repository/components/lib` directory. To create the database schema, you can use the relevant script found in `<AM_HOME>/dbscripts` directory.

Add the same datasource configuration in <IS_HOME>/repository/conf/datasources/master-datasources.xml file.
Note
Place the relevant database driver JAR file in <IS_HOME>/repository/components/lib directory.
Open <AM_HOME>/repository/conf/user-mgt.xml file and change its dataSource property to the jndiConfig name given above (jdbc/WSO2UMDB). For example,
Code Block
language html/xml
<Property name="dataSource">jdbc/WSO2UMDB</Property>
Have the same configuration as above in the <IS_HOME>/repository/conf/user-mgt.xml file as well.
The WSO2 Identity Server has an embedded LDAP user store by default. Follow the instructions on Internal JDBC User Store Configuration to disable the default LDAP and to use the JDBC User Store instead.
Open <IS_HOME>/repository/conf/security/application-authentication.xml and change the loginPage IP and port in <AuthenticatorConfig name="BasicAuthenticator" enabled="true"> accordingly. For example,
Code Block
language html/xml
<AuthenticatorConfigs> <Status value="10" loginPage="https://localhost:9444/authenticationendpoint/login.do"/> </AuthenticatorConfigs>

SSO configuration instructions are given below.

Table of Contents

maxLevel	4
minLevel	4

Configuring WSO2 Identity Server as a SAML 2.0 SSO Identity Provider

Download and set up WSO2 Identity Server (version 4.6.0 is used here). See https://docs.wso2.org/display/IS460/Getting+Started in the IS documentation for installation instructions.
Start the IS server and log in to its Management Console UI.
Select the SAML SSO menu under the Main menu in the left pane.

Image Modified
The SAML SSO window opens. Add the following configurations under section Register New Service Provider to register the API Manager applications as SSO service providers. Use the exact same values, which were used to configure the API Manager web applications.

To register API Publisher as an SSO service provider:
To register API Store as an SSO service provider:
For example:

...

Versions Compared

Old Version 7

New Version 8

Key

Configuring WSO2 Identity Server as a SAML 2.0 SSO Identity Provider