Changing the Authentication Method
- Former user (Deleted)
WSO2 Governance Registry (G-Reg) supports the following authentication methods:
- Basic authentication
- SAML based Single Sign On (SSO)
The configurations of these methods are defined in the authentication block in the following files for the Publisher and Store as follows:
"authentication": {
"activeMethod": "basic",
"methods": {
"sso": {
"attributes": {
"issuer": "publisher",
"identityProviderURL": "%https.host%/samlsso",
"responseSigningEnabled": true,
"acs": "https://localhost:9443/publisher/acs",
"identityAlias": "wso2carbon",
"defaultNameIDPolicy": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
"useTenantKey": false,
"isPassive":false,
"validateAssertionValidityPeriod": true,
"validateAudienceRestriction": true,
"assertionSigningEnabled": true
}
},
"basic": {
"attributes": {
"loginURL": "%https.host%/%context%/pages/basic-auth-login"
}
}
}
},
- For WSO2 G-Reg Publisher:
<PRODUCT_HOME>/repository/deployment/server/jaggeryapps/publisher/config/publisher.json - For WSO2 G-Reg Store:
<PRODUCT_HOME>/repository/deployment/server/jaggeryapps/publisher/config/store.json
Change the value of the activeMethod property in the above files to set the authentication method as follows:
- To activate basic authentication:
"activeMethod": "basic" - To activate single sign-on:
"activeMethod": "sso"
If you want to activate SAML SSO authentication method, change the service provider configurations also to reflect any port and host changes of your server accordingly in the <PRODUCT_HOME>>repository/conf/identity/sso-idp-config.xml file. This file is used to register service providers with the embedded WSO2 Identity Server components, which provide SAML SSO authentication support. Change the service provider configurations accordingly to reflect any port and host changes of your server. If you are using an external IDP, you need not do this.