WSO2IS provides extensions to customize the SAML2 response and Assertion that is generated with SAML2 SSO web browser profile. You can find more on SAML2 SSO with WSO2IS from here as well. Lets go through quick to on customizing SAML2 Response and Assertion. Step 1. First, you need to implement a new SAML2 Response or […]
Tag: SAML2
When we are working with SAML2 SSO, one of the common question that is come in to the picture, is that the handling of session time out between SAML2 IDP and multiple SPs. (when single logout is enabled) Lets try to understand some common problems. 1. Does SP need to send SAML Logout request to […]
I have seen some of the people you are using SSO mechanism (SAML2 SSO, OpenId , OpenID Connect) have raised this in several places. Answer is “Yes“.. it can be done. Simple way is that, Service provider can promote a login page for the end users (or else Service provider can retrieve end user’s credentials […]
In my last blog post, we went through, how we can configure Shibboleth IDP as an Federated IDP for WSO2 Identity Server. Today lets see how we can configure Identity Server with testshib (https://testshib.org/) which is also shibboleth IDP that is available online for testing purposes. Configure Identity Server as SP in testshib IDP testshib has been already configured. […]
As mentioned in my previous post, we discussed how we can use Identity Server as SAML2 SSO IDP. We tried to configure the sample “travelocity.com” application. Now let see how we can achieve the IDP Initiated SAML2 SSO with same setup. Step 1. Enable IdP Initiated SSO. You need to tick on “Enable IdP Initiated […]
In my previous blog post, we went through how you can configure the SAML2 SSO web application with Identity Server. Users authenticate to Identity Server by proving username/password. These username/password must be authenticated with the enterprise user store that is deployed with Identity Server. Therefore only the user who are in the enterprise user store […]
SAML2 Bearer grant type is one of the popular profile in OAuth 2.0. Once end user login in to a web application using SAML2 SSO and if web application needs to call an OAuth secured API behalf of the user, SAML2 Bearer grant type would be the ideal way to do it. With this profile, […]
If you are working on developing, integrating and testing SAML2 based SSO scenarios; It would be really useful, If we can trace the SAML2 messages that are going here and there. Once of the great tool that we can use for this, is the SSO Tracer It is just a firefox plugin and you can install it in […]
In my previous blog post we went through how you can configure the SAML2 SSO web application with Identity Server. Users authenticate to Identity Server by proving username/password. These username/password must be authenticated with the enterprise user store that identity server has been deployed. Therefore only the user who are in the enterprise user store […]
WSO2 Identity Server is one of the powerful open source identity management solution. It can act as an SAML2 SSO IDP. You can use Identity Server to integrate with different applications to achieve seamless user login in your enterprise. You can easily register your service provider applications using WSO2 Identity Server management console. Lets tryout […]