This documentation is for WSO2 Identity Server 5.4.0 . View documentation for the latest release.
Skip to end of metadata
Go to start of metadata

This topic lists out the steps required to configure and execute testing of Identity Server's Passive STS. 


Configuring the sample

Do the following configuration changes to the <SAMPLE_HOME>/passive-sts/passive-sts-client/PassiveSTSSampleApp/src/main/webapp/WEB-INF/web.xml file.

  1. Specify idpUrl as the URL of Identity Server's Passive STS. The following is an example. 

  2. Specify the replyURL as the URL of the web app. The following specifies PassiveSTSSampleApp as the web app.

  3. Specify the realm. This should be a unique identifier for the web app as seen in the example below. 

  4. For tenant user logins, specify the tenantDomain


Configuring Identity Server

  1. Log in to the Identity Server and go to Service Providers>Add in the Main menu in the management console
  2. Enter a unique name for the service provider and click Register. The following form appears. 

  3. Expand the Inbound Authentication Configuration>WS-Federation (Passive) Configuration section and provide the following values. See Configuring WS-Federation (Passive) for more information.

    • Passive STS Realm - Provide the same realm name given to the web app
    • Passive STS WReply URL - Provide the URL of the web app
  4. Click update. 

Deploying the sample on Apache Tomcat

  1. Download Apache Tomcat and extract the .zip file into your directory, if you have not already done so.
  2. Build the sample's .war file by navigating inside the <SAMPLE_HOME> directory where the pom.xml file is located and running the following command 

    mvn clean install
  3. Copy the PassiveSTSSampleApp.war file located in the <SAMPLE_HOME>/passive-sts/passive-sts-client/PassiveSTSSampleApp/target directory and paste a copy of it in the <Tomcat_Home>/webapps directory. 
  4. Navigate inside the [Tomcat_Home/bin] directory in the command line and run sh run command to start the server.
  5. On your browser,access the following link: 
      • to get a SAML 1.1 token: http://localhost:8080/PassiveSTSSampleApp/index.jsp
      • to get a SAML 2.0 token: http://localhost:8080/PassiveSTSSampleApp?samlv=2-0
  6. Enter user credentials and you will be redirected to the IS Passive STS Service. 
  • No labels