Friday, February 10, 2012

Enabling SAML2 SSO for web apps deployed on Tomcat with WSO2 Identity Server IdP

1. Download the sample web app from here and copy it to [CATALINA_HOME]\webapps

2. Extract sso-webapp.war, search for [IS_HOME] in sso-webapp\WEB-INF\web.xml, and change it to point to the location where WSO2 Identity Server was extracted.

e.g.: /Users/prabath/releases/wso2is-3.2.3/repository/resources/security/wso2carbon.jks

3. Start Apache Tomcat [This post assumes Tomcat runs on port 8080]

4. Download the latest WSO2 Identity Server from here.

5. Start WSO2 Identity Server [IS]. I assume here that Identity Server is running on the default port, 9443. If not, you need to change the corresponding entry in [CATALINA_HOME]\webapps\sso-webapp\WEB-INF\web.xml.

sh [IS_HOME]/bin/wso2server.sh

6. Log in to the IS management console with admin/admin

7. Go to Main/Manage/SAML SSO

8. Fill in the form with the following values and press Add.

Issuer : ssowebapp
Assertion Consumer URL : http://localhost:8080/sso-webapp/acs [This is where your sample web app is running]
Enable Single Logout : Checked

Keep the rest as default.

10. That's it. To try it out, visit http://localhost:8080/sso-webapp/index.jsp

You can find further details on this use case from here.
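The Issuer and Assertion Consumer URL registered in step 8 must match exactly what the web app puts in its SAML2 AuthnRequest, since the IdP uses them to decide which service provider is asking and where the response may be sent. The following Python sketch is an added example, not code from the sample web app: it builds such a request for the HTTP-Redirect binding and decodes it again to check it against the registration. The endpoint https://localhost:9443/samlsso and the use of the redirect binding are assumptions.

```python
import base64, uuid, zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from urllib.parse import urlencode, urlparse, parse_qs

# Values registered in step 8 of the post.
ISSUER = "ssowebapp"
ACS_URL = "http://localhost:8080/sso-webapp/acs"
# Assumption: SAML SSO endpoint of an Identity Server on the default port 9443.
IDP_SSO_URL = "https://localhost:9443/samlsso"

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
for prefix, uri in NS.items():
    ET.register_namespace(prefix, uri)


def build_redirect_url(issuer=ISSUER, acs_url=ACS_URL, idp_url=IDP_SSO_URL):
    """Build an HTTP-Redirect binding URL carrying a SAML2 AuthnRequest."""
    req = ET.Element(f'{{{NS["samlp"]}}}AuthnRequest', {
        "ID": "_" + uuid.uuid4().hex, "Version": "2.0",
        "IssueInstant": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
        "Destination": idp_url, "AssertionConsumerServiceURL": acs_url,
        "ProtocolBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"})
    ET.SubElement(req, f'{{{NS["saml"]}}}Issuer').text = issuer
    # Redirect binding: raw DEFLATE (no zlib header), base64, then URL-encode.
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    deflated = comp.compress(ET.tostring(req)) + comp.flush()
    query = urlencode({"SAMLRequest": base64.b64encode(deflated).decode()})
    return idp_url + "?" + query


def decode_redirect_url(url):
    """Recover (issuer, acs_url) from a redirect URL, as the IdP would."""
    param = parse_qs(urlparse(url).query)["SAMLRequest"][0]
    xml = zlib.decompress(base64.b64decode(param), -15)
    # Local debugging only: use a hardened XML parser for untrusted input.
    root = ET.fromstring(xml)
    return root.find("saml:Issuer", NS).text, root.get("AssertionConsumerServiceURL")


def matches_registration(url, issuer=ISSUER, acs_url=ACS_URL):
    """True only if the request names the registered issuer and ACS URL."""
    return decode_redirect_url(url) == (issuer, acs_url)


if __name__ == "__main__":
    url = build_redirect_url()
    print(url)
    print(decode_redirect_url(url), matches_registration(url))
```

decode_redirect_url can also be pointed at a redirect URL copied from the browser's address bar to see which issuer and ACS URL a deployed app is really sending.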

11 comments:

Ehsan Hesamifard said...

Hi
Is it possible to upload your source? I need it...
Thanks for your help...

venkat said...

Hi

This is a good example. Further, how is authorization handled? Only some users are allowed on secure pages. Only some users are allowed edit operations on UI controls.
How to address these?

Thanks

Kushal Pardeshi said...

Can you please specify:
How to start WSO2 Server and how to login to IS Management Console?

Prabath Siriwardana said...

Please refer to https://docs.wso2.com/display/IS500/Running+the+Product

Kushal Pardeshi said...

Thanks Prabath for the quick reply...

One more question... I want to configure SAML 2.0 SSO in SAP BO 4.1 SP5... Is it possible? If yes, how should I initiate the activity?

James Martin said...

These are the best steps for Enabling SAML2 SSO. Here I learn many things about enabling SAML2 SSO. This post is best for web application developers.
