Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Download the WSO2 Identity Server from here.
  2. Extract the .zip file.
  3. Open a terminal and go into the <IS_HOME>/bin folder.
  4. Start the Identity Server using the wso2server.sh file in Unix or wso2server.bat file in Windows.
  5. Once the server is started visit the URL: https://localhost:9443/carbon/
  6. Sign-In to the Identity Server as an admin using the default credentials (username - admin and password - admin).
  7. In the Main section of the management console, click on SAML SSO under Manage.Image Removed
  8. Now you get the SAML 2.0 based Single Sign-On page. Click Register New Service Provider. Here we have to register the AS, ESB and G-Reg servers as Service Providers.
    Image RemovedImage Added
  9. Fill up this page with the following configurations:

    1. Use the following configurations for Application Server and add them to the relevant sections in the Register New Service Provider screen:

      Panel

      Issuer: carbonServer

      Assertion Consumer URL: https://localhost:9444/acs

      Enable Assertion Signing

      Enable Single Logout

      Enable Response Signing

    2. Use the following values to register the ESB:

      Panel

      Issuer : carbonServer2

      Assertion Consumer URL : https://localhost:9445/acs

      Use fully qualified username in the NameID

      Enable Assertion Signing

      Enable Single Logout

      Enable Response Signing

    3. Use the following values to register the Governance Registry

      Panel

      Issuer : carbonServer3

      Assertion Consumer URL : https://localhost:9446/acs

      Enable Assertion Signing

      Enable Single Logout

       Enable Response Signing

        

Testing the SSO Environment

...

  1. Access the Application Server: https://localhost:9444/carbon/
  2. You are redirected to the Identity Server for authentication. After successful authentication you are redirected back and logged into the Application Server.
  3. Access the ESB using the URL https://localhost:9445/carbon/. You are directly logged into ESB without any authentication challenge.
  4. Access the Governance Registry using the URL https://localhost:9446/carbon/. You are logged into G-Reg directly without any authentication challenge.
  5. Test the Single Sign Out,
    1. Logout from the AS. You are redirected to the SSO authentication page.
    2. Now you should be logged out from the ESB and GReg as well. Try accessing them.

...