This topic provides instructions on how to configure the Inwebo app and the Identity Server to integrate using a sample app. See the following sections for more information.
- Configuring the Inwebo app
- Deploying Inwebo artifacts
- Deploying travelocity.com sample app
- Configuring the identity provider
- Configuring the service provider
- Configuring user claim
- Testing the sample
Configuring the Inwebo app
- Go to http://www.inwebo.com/ and click free signup and register.
- Activate your email notification and go to https://www.myinwebo.com/.
- Go to Administration console and get the Service Id of admin user.
- Navigate to Secure Sites and download the certificate for API access (.p12 format).
- Go to MyInweboAccount and navigate to My Devices, click add a Device button. The following window appears.
Download Inwebo app in your mobile or any other devices. Add the above secure site ID or scan the QR code to activate the account
Deploying Inwebo artifacts
- Place the
inweboauthenticationendpoint.war
file into the<IS_HOME>/repository/deployment/server/webapps
directory. Place the
org.wso2.carbon.identity.authenticator.inwebo-1.0.0.jar
file into the<IS_HOME>/repository/components/dropins
directory.If you want to upgrade the Inwebo Authenticator in your existing IS pack, please refer upgrade instructions.
To download the authenticator and artifacts, go to https://store.wso2.com/store/assets/isconnector/inwebo.
Deploying travelocity.com sample app
The next step is to deploy the travelocity.com sample app in order to use it in this scenario.
To configure this, see Deploying the Sample App.
Configuring the identity provider
Now you have to configure WSO2 Identity Server by adding a new identity provider.
- Download the WSO2 Identity Server from here and run it.
- Log in to the management console as an administrator.
- In the Identity section under the Main tab of the management console, click Add under Identity Providers.
Give a suitable name as the Identity Provider Name and fill out the form to configure Inwebo by expanding Inwebo Configuration under Federated Authenticators.
Fill in the following.Field Description Sample Value Enable Selecting this option enables Inwebo to be used as an authenticator for users provisioned to the Identity Server. Selected Default Selecting the Default checkbox signifies that Inwebo is the main/default form of authentication. This removes the selection made for any other Default checkboxes for other authenticators. Selected Service ID Enter the Service ID of your Inwebo app. 917 Certificate id This is the p12 password of the Inwebo app you created. fsh235xd3 Configuration file This is the p12 file path values from the Inwebo app you created. Click Register.
You have now added the identity provider.
Configuring the service provider
The next step is to configure the service provider.
Return to the management console.
In the Identity section under the Main tab, click Add under Service Providers.
Enter travelocity.com in the Service Provider Name text box and click Register.
In the Inbound Authentication Configuration section, click Configure under the SAML2 Web SSO Configuration section.
Now set the configuration as follows:
Issuer: travelocity.com
Assertion Consumer URL: http://localhost:8080/travelocity.com/home.jsp
- Select the following check-boxes:
Enable Response Signing
Enable Assertion Signing
Enable Single Logout
Enable Attribute Profile
- Include Attributes in the Response Always
Click Update to save the changes. Now you will be sent back to the Service Providers page.
Go to Local and Outbound Authentication Configuration section.
Select the Advanced configuration radio button option.
Add the basic authentication as first step and Inwebo authentication as the second step
You have now added and configured the service provider.
Configuring User Claim
- Go to Claims under IS Management Console
- Select Add New Claim
- Add new claim UserId (Change Claim Uri as (http://wso2.org/claims/authentication/inwebo/userId)
- Go to Service provider, select travalocity.com→Edit→Claim configuration
- Update the claim UserId
- Now go to Users and Roles
- Add the details and update the profile.
Testing the sample
To test the sample, go to the following URL: http://localhost:8080/travelocity.com
Click the link to log in with SAML from WSO2 Identity Server.
Basic authentication page will be visible, use your IS username and password.
- Hit Click! Button to authenticate Inwebo.
You will get a notification in your external device(mobile).
Enter your Inwebo PIN
- Click accept
Click ok and taken to the home page of the travelocity.com app