...
The client application must be set up as a service provider in the primary Identity Server instance; this can be done by following the instructions here.
Then follow the instructions below:
- After adding the client application as a service provider in the primary Identity Server instance, navigate to the Main menu and click List under Service Providers. Click Edit next to the service provider you created.
- Expand the Local & Outbound Authentication Configuration section. Here we configure the travelocity client to use both the primary IS instance and the identity provider named 'Secondary' as its identity providers. To do this, we have to add authentication steps.
- Click Advanced Configuration and, in the UI that appears, click Add Authentication Step.
- Under Local Authenticators add the “basic” authenticator by selecting it from the combo box and clicking Add Authenticator.
- Under Federated Authenticators select “Secondary” and add it.
- Click Update to save your changes.
- Click Update to save changes to your service provider configuration. Now when you log in to the client application, you can select either the primary IS instance or the secondary IS instance as the identity provider, so the application has access to both user spaces.
- Go to https://localhost:9443/carbon, the primary IS instance, and create a user named 'primaryuser' and set the password as 'primepass'.
- Go to https://localhost:9444/carbon, the secondary IS instance, and create a user named 'secondaryuser' and set the password as 'secondpass'.
- Test your application.
- After copying the "travelocity.war" file to the <TOMCAT_HOME>/webapps directory, run the Tomcat server.
- Go to http://localhost:8080/travelocity.com. This is the client application.
- Since we are using SAML for authentication, click the link in the first line.
- In the resulting screen, log in with the username 'primaryuser' and the password 'primepass'.
The client redirects you to the primary IS dashboard. From there you can authenticate as a local user of the primary IS, such as the 'primaryuser' we just created. To authenticate as a user in the secondary IS instance, which is the secondary IdP here, click “Secondary” under Other login options and, in the new login window, enter 'secondaryuser' and the password that was created in the secondary IS instance.