Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Change the following config elements in the <APPM_HOME>/repository/conf/app-manager.xml file.
    1. Change the ServerURL, Username and Password elements in the <AuthManager> section to point to the Identity Server URL and credentials.

      Code Block
      languagexml
      <ServerURL>https://<IS_SERVER_HOST>:{IS_SERVER_PORT}/services/</ServerURL>
      <ServerURL>https://localhost:9444/services/</ServerURL>
    2. Change the providerURL element in the <SSOConfiguration> section as shown below:

      Code Block
      languagexml
      <IdentityProviderUrl>https://localhost:9444/samlsso</IdentityProviderUrl>
      <providerURL>https://localhost:9444</providerURL>
    3. Change the ServerURL element in the <EntitlementServiceConfiguration> section as shown below:

      Code Block
      languagexml
      <ServerUrl>https://localhost:9444</ServerUrl> 
  2. Change the identityProviderURL config in the <AppM_HOME>/repository/deployment/server/jaggeryapps/store/config/store.json file as shown below:

    Code Block
    languagejava
    "ssoConfiguration": {
           "enabled": true,
           "issuer": "store",
           "identityProviderURL": "https://localhost:9444/samlsso",
           "keyStorePassword": "wso2carbon",
           "identityAlias": "wso2carbon",
           "responseSigningEnabled": "true",
           "storeAcs" : "%https.host%/store/acs",
           "keyStoreName": "/repository/resources/security/wso2carbon.jks"
       },
  3. Change the identityProviderURL element in the <AppM_HOME>/repository/deployment/server/jaggeryapps/publisher/config/publisher.json file as shown below:

    Code Block
    languagejava
    "ssoConfiguration": {
           "enabled": true,
           "issuer": "publisher",
           "identityProviderURL": "https://localhost:9444/samlsso",
           "keyStorePassword": "wso2carbon",
           "identityAlias": "wso2carbon",
           "responseSigningEnabled": "true",
           "publisherAcs": "%https.host%/publisher/sso",
           "keyStoreName": "/repository/resources/security/wso2carbon.jks"
       },
  4. Start both the AppM and IS servers.
  5. Login to the WSO2 IS Management Console.
  6. Click Add under Main > Service Providers.
  7. Give a name for the service provider and click Register
  8. You are navigated to the detailed configuration page. Expand SAML2 Web SSO Configuration inside the Inbound Authentication Configuration section and click Configure.

  9. Provide the configurations to register the App Store as the SSO service provider. These sample values may change depending on your configuration.

    For example: 

  10. Similarly, provide configurations to register the App Publisher and social apps as SSO service providers. These sample values may change depending in your configuration.
    • Issuer: publisher
    • Assertion Consumer URL: https://localhost:9443/publisher/acs (i.e https://{AppMHost}:{AppMPort}/publisher/acs). This is the URL for the acs page for your running publisher app.
    • Select the following options:

      • Enable Response Signing

      • Enable Single Logout

    • Click Register once done.

    • Issuer: social
    • Assertion Consumer URL: https://localhost:9443/social/acs (i.e https://{AppMHost}:{AppMPort}/social/acs). This is the URL for the acs page for your running social apps.
    • Select the following options:

      • Enable Response Signing

      • Enable Single Logout

    • Click Register once done.

Once all configurations are done you should be able to login to publisher and store UI with the external Identity server.