In my previous blog post , we went through how you can configure the SAML2 SSO and OpenId Connect web application with Identity Server. You can find more detail on configuring SAML2 SSO web application from here. You can find more details on configuring OpenId Connect web application from here. In both case, Users are […]
Tag: Identity Server
Identity Server supports most of the user management related functions. It provides SOAP based web service API (More details from here ) and REST API (According to SCIM specification) for applications to use these user management functions. Also, these user management functions are called by the other component of the WSO2IS. As an example, These […]
In my last blog post, we went through, how we can configure Shibboleth IDP as an Federated IDP for WSO2 Identity Server. Today lets see how we can configure Identity Server with testshib (https://testshib.org/) which is also shibboleth IDP that is available online for testing purposes. Configure Identity Server as SP in testshib IDP testshib has been already configured. […]
In my previous blog post , we went through how you can configure the SAML2 SSO web application with Identity Server. Users authenticate to Identity Server by proving username/password. These username/password must be authenticated with the enterprise user store that identity server has been deployed. Therefore only the user who are in the enterprise user store […]
SAML2 Bearer grant type is one of the popular profile in OAuth 2.0. Once end user login in to a web application using SAML2 SSO and if web application needs to call an OAuth secured API behalf of the user, SAML2 Bearer grant type would be the ideal way to do it. With this profile, […]
Identity Server supports for both In-bound and Out-bound provisions. First let try to understand what is meant by Out/In provisioning In-bound provisioning Provisioning users/groups to Identity Server’s user stores by an application (Service Provider). Supported via SCIM Standard. Also there is a SOAP based web service API. Users/Groups would be created in primary or secondary […]
With my previous post, i went through XACML PDP (Policy Decision Point) architecture by using WSO2 Identity Server. In this blog post, i am hoping to go through how PDP and PAP have been separated each other. In some implementation (specially with older Identity server versions), there is no any separation with PAP (Policy Administrator […]
It is really pleasure to announced that WSO2 Identity Server 4.5.0/5.0.0 can be downloaded from here. There are lot new improvements in XACML space with new version. let me go through them briefly. 1. Balana bug fixes and improvements. Latest trunk of Balana has been used for Identity Server. Therefore bug fixes up to Sep […]
In my previous two post, i mainly focused on simple policy editor. Today i am going to show, how we can create a policy using basic policy editor. Some of the important facts with basic policy editor…. Fact 1. You need to have small knowledge about XACML policy language. Such as What is Target in […]
In my previous post, we understood how we can create XACML policy using “Simple Policy Editor”. But, there were only few attribute types to select (for user, it has Age, Email, UserName, Roles). It is great, if we can add new attribute types. You can do it also. If you just see around the UI, […]