wso2is

WSO2 SAML2BearerGrantHandler SAML Token Issuer verification failed or Issuer not registered

痞子三分冷 submitted on 2019-12-13 07:38:35
Question: I configured the WSO2 Identity Server to be a Key Manager for WSO2 API Manager. This is what I have done: I created an Application in API Manager and published it. [OK] I created an API and subscribed in the Store. [OK] I am using a NodeJS application as the client application and Go as a resource provider. This is the Passport configuration using the passport-saml strategy: passport.use(new SamlStrategy({ path: configSaml.path, entryPoint: configSaml.entryPoint, issuer: configSaml.issuer, decryptionPvk:

WSO2IS cluster setup and the need of a local registry space

懵懂的女人 submitted on 2019-12-13 07:26:34
Question: When setting up a WSO2 Identity Server cluster there is a need to set up local databases (REGISTRY_LOCAL1, REGISTRY_LOCAL2, etc.) specific to each node (Node1, Node2, etc.) as described here: https://docs.wso2.com/display/CLUSTER44x/Setting+up+the+Database My questions are: * Which data is stored in REGISTRY_LOCAL in the case of WSO2 IS? * Is a local database for each node really necessary, which would result in n+2 databases for an n-node setup? Answer 1: Registry mounting information is stored in

Issuer mismatch with OpenID Connect discovery on WSO2 Identity Server

给你一囗甜甜゛ submitted on 2019-12-13 07:00:31
Question: I'm working on a small proof-of-concept implementation involving OpenID Connect and WSO2 Identity Server 5.3.0. On the client side, I'm using Python with the oic library to attempt to get the discovery mechanism working. I'm executing the following code, based on the oic documentation:

    from oic.oic import Client
    oic_client = Client(verify_ssl=False)
    uid = "admin@172.22.0.2"
    issuer = oic_client.discover(uid)
    provider_info = oic_client.provider_config(issuer)

This results in the following error

Not able to install XACML and XACML Mediation in WSO2AM-2.5.0

不问归期 submitted on 2019-12-13 04:40:53
Question: I am following this link. I am stuck on the point given below: e) Scroll down and find the XACML related features and install the features to the API Manager as shown below. I am not able to get "XACML Mediation" in wso2AM-2.5.0. And one more thing: if anyone knows every step of how to create an API in API Manager to access an XACML policy. I followed many links but I got stuck at many points like method parameter, endpoint of sandbox or production, access token. If anyone knows every step with clarity then

custom oAuth2 token after a saml2 assertion check

本小妞迷上赌 submitted on 2019-12-13 04:37:19
Question: I need to release, using WSO2 IS, a custom OAuth2 token after a check on a saml2 assertion as input. How is it possible to customize the OAuth2 token? Answer 1: You can retrieve an OAuth access token for a SAML2 assertion, as WSO2 Identity Server 4.5.0 supports the saml2 bearer assertion grant type. You can find the doc. You can modify the returned OAuth2 access token by adding a custom implementation. There is an interface that you can implement for this. Here you have a method called "issue". Actually you may

Unable to setup OpenLDAP as primary user store for wso2is 5.6.0: LDAP Error 65 when adding a new user in management console

青春壹個敷衍的年華 submitted on 2019-12-13 04:17:39
Question: I am unable to set up WSO2 Identity Server v5.6.0 with OpenLDAP as the primary, external user store. The Identity Server is starting as expected (no errors in the console) and the admin user account has been created automatically, too. But if I try to add a new user via the management console, the Identity Server throws the following error: Could not add user PRIMARY/johndoe@gmail.com. Error: Cannot access the directory context or user already exists in the system for user :johndoe@gmail.com In the

WSO2 AM access token expires after one access time

戏子无情 submitted on 2019-12-13 04:16:45
Question: I set up IS as Key Manager for API-M, then I use Postman to get the access token from IS with the Client Credential grant type. However, the above token can be used for the 1st request only. When I used it with the second request, I found the following. It seems like the token expired after one access. Is there any document that explains this, and what should I change? Answer 1: The issue comes from the different time set up on the servers of API-M and IS. With the first time the request comes, I

How to fix “None of the audience values matched the tokenEndpoint Alias https://172.28.1.101:9444/oauth2/token”?

六月ゝ 毕业季﹏ submitted on 2019-12-13 03:48:45
Question: I am setting up WSO2 API Manager and securing an API with a self-contained access token (JWT). Here's a link I followed to protect your APIs with a self-contained access token (JWT) using WSO2 API Manager and WSO2 Identity Server. I am getting a JWT token from the WSO2 Identity Server. But when I tried to get an access token using the JWT token from WSO2IS, I got the following error: HTTP/1.1 400 Bad Request X-Frame-Options: DENY X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Date: Thu,

Questions about wso2is version 5.4 and scim2 groups

99封情书 submitted on 2019-12-13 03:36:29
Question: I am using wso2is in version 5.4 with an LDAP read-only user store. I have scim2 enabled and I am able to list users via the /scim2/Users interface as expected. When I try to list the groups by calling the /scim2/groups interface, only 2 groups are returned: the PRIMARY/admin group (I guess this is an internal group) and another group, which is obtained from LDAP. If I list the roles (groups) from the admin console, many more roles are listed, which are imported from LDAP; oddly enough the role

WSO2 IS: How to Set Commonauth Caller Path

不羁岁月 submitted on 2019-12-13 03:18:04
Question: I'm running WSO2 5.7.0, using OIDC with the Implicit Flow. I have set the context root to wso2-is, so the authorize endpoint is located at http://MY_DOMAIN/wso2-is/oauth2/authorize. When I begin the flow with a GET call to the oauth2/authorize endpoint, I am redirected to http://MY_DOMAIN/authenticationendpoint/login.do?client_id=MY_CLIENT_ID&commonAuthCallerPath=%2Foauth2%2Fauthorize... . The problem is that it drops the context root and so later in the Implicit Flow I am (incorrectly)