Configure WSO2 APIM for SAML2 using an external IdP (AWS SSO) - PullRequest
0 votes
/ April 1, 2019
I created an external identity provider in the WSO2 Identity Server Carbon console under Identity Providers and have configured the SAML Web SSO authenticator with the AWS SSO service URL. I have added this identity provider to my service provider API_PUBLISHER in the WSO2 Identity Server Carbon console. I opted for Federated Authentication under Local & Outbound Authentication Configuration for the service provider. I have both WSO2 APIM and WSO2 IS running on the same instance. I have given an offset of 1 in carbon.xml of WSO2 Identity Server so that it runs on port 9444. But on starting both services (WSO2 API Manager and WSO2 Identity Server), when I browse to https://<subdomain-url>:9443/publisher, it gets redirected to https://<subdomain-url>:9443/samlsso?spEntityID=API_STORE&RelayState=c1834ad1-c745-43c8-a5fd-476e75173c74 with the error "Error 405 method not found".

Additionally, when I browse to https://<subdomainurl>:9444/identity/metadata/saml2, the single sign-on service URL has a value with port 9443. The URL in the metadata XML is https://<subdomain url>:9443/samlsso.

1) I want to know which are the configuration files and values in API Manager and WSO2 IS where I have to configure port 9444 explicitly.

2) In WSO2 Identity Server, under the path security\authenticators.xml, what should be the value of ServiceProviderID and the AssertionConsumerServiceURL port?

    <Authenticator name="SAML2SSOAuthenticator" disabled="false">
        <Priority>1</Priority>
        <!--Priority>10</Priority-->
        <Config>
            <Parameter name="LoginPage">/carbon/admin/login.jsp</Parameter>
            <Parameter name="ServiceProviderID">carbonServer</Parameter>
            <Parameter name="IdentityProviderSSOServiceURL">https://<subdomainurl>:9444/samlsso</Parameter>
            <Parameter name="NameIDPolicyFormat">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</Parameter>
            <Parameter name="AssertionConsumerServiceURL">https://<subdomainurl>:9443/acs</Parameter>

3) What should be the value of identityAlias in site.json in the API Manager publisher and store?

4) What should be the value of the service provider entity ID when configuring the SAML Web SSO authenticator?

...
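
A way to check for the mismatch described in the question (metadata fetched from port 9444 that still advertises port 9443), as an added example that is not part of the original post. The sample metadata, the hostname `is.example.com` and the function names are constructed for illustration; in practice the input would be the XML returned by the server's own /identity/metadata/saml2 endpoint.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"

# Constructed sample (placeholder hostname): an IdP reached on port 9444
# whose metadata still advertises its SSO endpoints on port 9443.
SAMPLE_METADATA = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="localhost">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
                         Location="https://is.example.com:9444/samlsso"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
                         Location="https://is.example.com:9443/samlsso"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
                         Location="https://is.example.com:9443/samlsso"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def effective_port(url):
    """Port a client would connect to, falling back to the scheme default."""
    parts = urlsplit(url)
    if parts.port is not None:
        return parts.port
    return {"https": 443, "http": 80}.get(parts.scheme)


def endpoint_port_mismatches(metadata_xml, expected_port):
    """List (element, binding, location, port) for each IdP endpoint whose
    Location does not use expected_port."""
    # Assumption: the XML comes from your own server; xml.etree is not
    # hardened against hostile documents.
    root = ET.fromstring(metadata_xml)
    findings = []
    for idp in root.iter(f"{{{MD_NS}}}IDPSSODescriptor"):
        for el in idp:
            location = el.get("Location")
            if location is None:
                continue  # child elements without an endpoint URL
            port = effective_port(location)
            if port != expected_port:
                name = el.tag.split("}", 1)[-1]
                findings.append((name, el.get("Binding"), location, port))
    return findings


if __name__ == "__main__":
    for name, binding, location, port in endpoint_port_mismatches(SAMPLE_METADATA, 9444):
        print(f"{name} [{binding}] -> {location} (port {port}, expected 9444)")
```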