Friday, February 10, 2012

Enabling SAML2 SSO for web apps deployed on Tomcat with WSO2 Identity Server IdP

1. Download the sample web app from here and copy it to [CATALINA_HOME]\webapps

2. Extract sso-webapp.war, search for [IS_HOME] in sso-webapp\WEB-INF\web.xml, and change it to point to the location where WSO2 Identity Server was extracted.

e.g.: /Users/prabath/releases/wso2is-3.2.3/repository/resources/security/wso2carbon.jks

3. Start Apache Tomcat [This post assumes Tomcat runs on port 8080]

4. Download the latest WSO2 Identity Server from here.

5. Start WSO2 Identity Server [IS]. I assume here that Identity Server is running on the default port, 9443. If not, you need to change the corresponding entry in [CATALINA_HOME]\webapps\sso-webapp\WEB-INF\web.xml.

sh [IS_HOME]\bin\

6. Log in to the IS management console with admin/admin

7. Go to Main/Manage/SAML SSO

8. Fill in the form with the following values and press Add.

Issuer : ssowebapp
Assertion Consumer URL : http://localhost:8080/sso-webapp/acs [This is where your sample web app is running]
Enable Single Logout : Checked

Keep the rest as default.

10. That's it. To try it out, visit http://localhost:8080/sso-webapp/index.jsp

You can find further details on this use case from here.
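
What the values registered in step 8 are for, as an added example (not code from the original post or from WSO2): a simplified model of the AuthnRequest the web app sends and of the IdP checking its Issuer and Assertion Consumer URL against the registration. The HTTP-Redirect binding, the endpoint https://localhost:9443/samlsso and the function names are assumptions.

```python
import base64
import datetime
import uuid
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlencode, urlparse, parse_qs

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"

# Issuer -> Assertion Consumer URL, as registered in step 8 of the post.
REGISTERED = {"ssowebapp": "http://localhost:8080/sso-webapp/acs"}
# Assumption: IdP SSO endpoint on the default port 9443.
IDP_SSO_URL = "https://localhost:9443/samlsso"


def build_redirect_url(issuer, acs_url):
    """SP side: build an AuthnRequest and encode it for HTTP-Redirect."""
    now = datetime.datetime.now(datetime.timezone.utc)
    req = ET.Element(f"{{{SAMLP}}}AuthnRequest", {
        "ID": "_" + uuid.uuid4().hex,
        "Version": "2.0",
        "IssueInstant": now.strftime("%Y-%m-%dT%H:%M:%SZ"),
        "Destination": IDP_SSO_URL,
        "AssertionConsumerServiceURL": acs_url,
    })
    ET.SubElement(req, f"{{{SAML}}}Issuer").text = issuer
    # Redirect binding: raw DEFLATE (no zlib header), base64, then URL-encode.
    comp = zlib.compressobj(wbits=-15)
    deflated = comp.compress(ET.tostring(req)) + comp.flush()
    query = urlencode({"SAMLRequest": base64.b64encode(deflated).decode()})
    return IDP_SSO_URL + "?" + query


def idp_accepts(url):
    """IdP side (simplified): decode the request, compare with registration."""
    encoded = parse_qs(urlparse(url).query)["SAMLRequest"][0]
    xml = zlib.decompress(base64.b64decode(encoded), wbits=-15)
    req = ET.fromstring(xml)
    issuer = req.findtext(f"{{{SAML}}}Issuer")
    acs = req.get("AssertionConsumerServiceURL")
    # Exact match only: an unknown issuer or a different ACS URL is refused,
    # so a response is never delivered to an unregistered location.
    return issuer in REGISTERED and REGISTERED[issuer] == acs
```

If the Issuer or Assertion Consumer URL configured in the web app differs from what was entered in the form, even by a trailing slash or port number, this check fails in the same way a mismatched registration does.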


Ehsan Hesamifard said...

Is it possible to upload your source, I need them...
thanks for your helps...

venkat said...

This is a good example. Further, how is authorization handled? Only some users are allowed on secure pages. Only some users are allowed edit operations on UI controls.
How to address these?


Kushal Pardeshi said...

Can you please specify:
How to start WSO2 Server and how to login to IS Management Console?

Prabath Siriwardana said...

Please refer

Kushal Pardeshi said...

Thanks Prabath for quick reply...

One more question.... I want to configure SAML 2.0 SSO in SAP BO 4.1 SP5... Is it possible? If yes, how should I Initiate the activity?

James Martin said...

These are the best steps for Enabling SAML2 SSO. Here I learn many things about enabling SAML2 SSO. This post is best for web application developers.
