This documentation is for WSO2 Identity Server 5.2.0. View documentation for the latest release.
Page Comparison - Customizing the Authentication Endpoint (v.7 vs v.8) - Identity Server 5.2.0 - WSO2 Documentation


...

  1. Shut down the server if it is already started.
  2. Set the property tenantListEnabled=false in the EndpointConfig.properties file.

    Info
    • If you are hosting the authenticationendpoint.war webapp within WSO2 Identity Server, set this property in the <IS_HOME>/repository/conf/identity/EndpointConfig.properties file.
    • If you are hosting it outside the WSO2 Identity Server (i.e., external Tomcat or WSO2 Application Server), set this property in the <IS_HOME>/repository/deployment/server/webapps/authenticationendpoint/WEB-INF/classes/EndpointConfig.properties file.
  3. Set the TenantDomainDropDownEnabled parameter to false in the <IS_HOME>/repository/conf/identity/application-authentication.xml file.

    Code Block
    <TenantDomainDropDownEnabled>false</TenantDomainDropDownEnabled>
  4. If the MutualSSLAuthenticator is used only for listing tenant domains in the drop-down list, disable it in the <IS_HOME>/repository/conf/security/authenticators.xml file.

    Code Block
    <Authenticator name="MutualSSLAuthenticator" disabled="true">
  5. Restart the server.
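
To confirm that steps 2 to 4 were applied consistently before the restart, the three settings can be checked together. This is an added example, not part of the WSO2 documentation or product: the function names, the constructed sample contents and their namespace URIs are assumptions, and in practice the strings would be read from the files named in the steps.

```python
import xml.etree.ElementTree as ET

def local(tag):
    """Drop any XML namespace prefix so lookups work with or without xmlns."""
    return tag.rsplit("}", 1)[-1]

def parse_properties(text):
    """Minimal .properties reader: key=value lines; '#' and '!' start comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def audit(endpoint_props, app_auth_xml, authenticators_xml):
    """Return findings for steps 2-4; an empty list means all three are applied."""
    findings = []
    if parse_properties(endpoint_props).get("tenantListEnabled", "").lower() != "false":
        findings.append("EndpointConfig.properties: tenantListEnabled is not set to false")
    flags = [(el.text or "").strip().lower()
             for el in ET.fromstring(app_auth_xml).iter()
             if local(el.tag) == "TenantDomainDropDownEnabled"]
    if not flags or any(flag != "false" for flag in flags):
        findings.append("application-authentication.xml: TenantDomainDropDownEnabled is not false")
    for el in ET.fromstring(authenticators_xml).iter():
        if (local(el.tag) == "Authenticator" and el.get("name") == "MutualSSLAuthenticator"
                and el.get("disabled", "").lower() != "true"):
            findings.append("authenticators.xml: MutualSSLAuthenticator is enabled; "
                            "disable it if it only serves the tenant drop-down")
    return findings

# Constructed sample file contents (not taken from a real deployment).
SAMPLE_PROPS = "# constructed sample\ntenantListEnabled=false\n"
SAMPLE_APP_AUTH = """<ApplicationAuthentication xmlns="urn:example:constructed">
  <TenantDomainDropDownEnabled>false</TenantDomainDropDownEnabled>
</ApplicationAuthentication>"""
SAMPLE_AUTHENTICATORS = """<Authenticators xmlns="urn:example:constructed">
  <Authenticator name="MutualSSLAuthenticator" disabled="false"/>
</Authenticators>"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_PROPS, SAMPLE_APP_AUTH, SAMPLE_AUTHENTICATORS):
        print("FINDING:", finding)
```

A setting that is missing from its file is reported as not disabled, because the check only accepts an explicit false (or disabled="true").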

Customizing the authentication endpoint webapp to support browser back button action and access via bookmarked sign-in page

This section describes how you can customize the authentication endpoint webapp to seamlessly handle the following actions:

...

  1. Clone the authentication browser back button handler git repo and navigate to the source directory.
  2. Execute the following command to build the CustomLoginEndpointUtils-1.0.0.jar:

    Code Block
    mvn clean install
  3. Copy the CustomLoginEndpointUtils-1.0.0.jar to the <IS_HOME>/repository/components/dropins directory.
  4. Copy the check_session_id.jsp file from the artifacts directory of the cloned git repo to the <IS_HOME>/repository/deployment/server/webapps/authenticationendpoint directory.
  5. Edit the <IS_HOME>/repository/deployment/server/webapps/authenticationendpoint/WEB-INF/web.xml file and add the following entries:

    Code Block
        <servlet>
            <servlet-name>check_session_id.do</servlet-name>
            <jsp-file>/check_session_id.jsp</jsp-file>
        </servlet>
        ...
        <servlet-mapping>
            <servlet-name>check_session_id.do</servlet-name>
            <url-pattern>/check_session_id.do</url-pattern>
        </servlet-mapping>
    
    
  6. Edit the <IS_HOME>/repository/deployment/server/webapps/authenticationendpoint/login.jsp file and update the <head> element as follows:

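    Code Block
    <head>
        …
        <script>
            // Call check_session_id.do with the current request parameters and
            // follow the redirect URL if the response asks for one.
            function checkSessionKey() {
                $.ajax({
                    type: "GET",
                    // getParameterByName returns URL-decoded values, so re-encode them
                    // before building the query string.
                    url: 'check_session_id.do?sessionDataKey=' + encodeURIComponent(getParameterByName('sessionDataKey')) +
                        '&relyingParty=' + encodeURIComponent(getParameterByName('relyingParty')) +
                        '&tenantDomain=' + encodeURIComponent(getParameterByName('tenantDomain')),
                    success: function (data) {
                        var response = JSON.parse(data);
                        if (response && response.status == "redirect" && response.redirectUrl && response.redirectUrl.length > 0) {
                            window.location.href = response.redirectUrl;
                        }
                    }
                });
            }

            // Return the decoded value of a query-string parameter, '' if it has
            // no value, or null if the parameter is absent.
            function getParameterByName(name, url) {
                if (!url) {
                    url = window.location.href;
                }
                name = name.replace(/[\[\]]/g, "\\$&");
                var regex = new RegExp("[?&]" + name + "(=([^&#]*)|&|#|$)"),
                    results = regex.exec(url);
                if (!results) return null;
                if (!results[2]) return '';
                return decodeURIComponent(results[2].replace(/\+/g, " "));
            }
        </script>
    </head>

    In the same login.jsp file, make the following change to the <body> element:

    Code Block
    <body onload="checkSessionKey()">

    Then add the following line as the last line in the <script> element of the same login.jsp file:

    Code Block
        …
        // Registering an unload handler keeps browsers from serving this page from
        // the back/forward cache, so onload runs again after Back.
        window.onunload = function(){};
        </script>
    </body>
    </html>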

    Tip

    If necessary, you can get the complete login.jsp page content with all the changes specified above from here.

  7. Restart WSO2 Identity Server.

...