In a connected world, people use services from hundreds of websites. Most of these websites need the user to create an account with them by providing a valid email address and password. Remembering all the different user IDs and passwords that you use can be difficult and cumbersome. To make life easier, most websites now provide the user with an option to log in using their Facebook, Twitter or Google account. Since most internet users have one of these accounts, creating a new account becomes an instant action.

...

Tip: Before you begin!

If you haven't downloaded the samples, please refer to this document to download the travelocity.com sample application.
Once the samples are downloaded, you can find the travelocity.com sample in the <IS_SAMPLES>/modules/samples/sso/sso-agent-sample/target directory.

  1. Open a terminal window and add the following entry to the /etc/hosts file of your machine to configure the hostname.

    127.0.0.1	wso2is.local

    Info: Why is this step needed?

    Some browsers do not allow you to create cookies for a naked hostname, such as localhost. Cookies are required when working with SSO. Therefore, to ensure that the SSO capabilities work as expected in this tutorial, you need to configure the /etc/hosts file as explained in this step.

    The /etc/hosts file is a read-only file. Therefore, you won't be able to edit it by opening the file via a text editor. Instead, edit the file using terminal commands.
    For example, use the following command if you are working in a Mac/Linux environment.

    sudo nano /etc/hosts
  2. Deploy this sample web app on a web container. 
    1. Use the Apache Tomcat server to do this.
    2. Since this sample is written based on Servlet 3.0, it needs to be deployed on Tomcat 7.x.
    3. Copy the .war file into the webapps folder. For example, <APACHE_HOME>/apache-tomcat-7.0.50/webapps.

    4. Start the Tomcat server.
  3. Open the travelocity.properties file found in the <APACHE_HOME>/webapps/travelocity.com/WEB-INF/classes directory and configure the following property with the hostname (wso2is.local) that you configured above. Finally, restart the Tomcat server.

    #The URL of the SAML 2.0 Assertion Consumer
    SAML2.AssertionConsumerURL=http://wso2is.local:8080/travelocity.com/home.jsp

Tip: If you wish to change properties like the issuer ID, consumer URL, and IdP URL, you can edit the travelocity.properties file found in the travelocity.com/WEB-INF/classes directory. Also, if the service provider is configured in a tenant, you can use the "QueryParams" property to send the tenant domain. For example, "QueryParams=tenantDomain=wso2.com".

This sample uses the following default values.

| Properties | Description |
|---|---|
| SAML2.SPEntityId=travelocity.com | A unique identifier for this SAML 2.0 Service Provider application |
| SAML2.AssertionConsumerURL=http://wso2is.local:8080/travelocity.com/home.jsp | The URL of the SAML 2.0 Assertion Consumer |
| SAML2.IdPURL=https://localhost:9443/samlsso | The URL of the SAML 2.0 Identity Provider |
| SAML2.IsPassiveAuthn=true | Set this to send SAML2 passive authentication requests |

If you edit the travelocity.properties file, you must restart the Apache Tomcat server for the changes to take effect.
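
The hostname entry and the SAML2.AssertionConsumerURL property configured above have to agree with each other. The following added example (not part of the original tutorial or the WSO2 sample) checks the text of a travelocity.properties file against the text of a hosts file; the function names and the inlined sample inputs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample inputs that mirror the values used in this tutorial.
HOSTS = "127.0.0.1\tlocalhost\n127.0.0.1\twso2is.local\n"
PROPS = """#The URL of the SAML 2.0 Assertion Consumer
SAML2.AssertionConsumerURL=http://wso2is.local:8080/travelocity.com/home.jsp
"""


def parse_hosts(text):
    """Map each hostname in hosts-file text to the IP address on its line."""
    mapping = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:
            mapping.setdefault(name.lower(), fields[0])
    return mapping


def parse_properties(text):
    """Parse key=value lines; lines starting with '#' or '!' are comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props


def check_acs(props_text, hosts_text):
    """Return findings for SAML2.AssertionConsumerURL (hypothetical helper)."""
    url = parse_properties(props_text).get("SAML2.AssertionConsumerURL")
    if not url:
        return ["SAML2.AssertionConsumerURL is not set"]
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    findings = []
    if "." not in host:
        findings.append(f"'{host}' is a naked hostname; some browsers reject its cookies")
    if host not in parse_hosts(hosts_text):
        findings.append(f"'{host}' has no entry in the hosts file")
    if parts.scheme != "https":
        findings.append("ACS URL is not https; keep this setting to the local sample")
    return findings


if __name__ == "__main__":
    print(check_acs(PROPS, HOSTS))
```

With the tutorial's default values the only finding is the plain-HTTP consumer URL, which is served from the loopback address in this sample.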

...

You have now added and configured the service provider.

Note: The client-truststore.jks found in the <IS_HOME>/repository/resources/security/ directory contains the Facebook certificate by default.

Related Topics

For more information on SSO, see Single Sign-On.

...