wso2is

问题 We are using WSO2 Is 5.0 sp1. We are using the session persistence feature where we have given the following config <SessionDataPersist> <Enable>true</Enable> <RememberMePeriod>30</RememberMePeriod> <CleanUp> <Enable>true</Enable> <Period>5</Period> <TimeOut>35</TimeOut> </CleanUp> <Temporary>false</Temporary> </SessionDataPersist> Our observation is that after 15 min of session inactivity wso2 IS time-outs. This means that even after specifying session persistence of higher value the session

问题 I have followed the instructions here for building IS 4.6.0, in summary: SVN Checkout from: https://svn.wso2.org/repos/wso2/carbon/platform/tags/turing-chunk06 Commented out APIMGT in $CARBON_SRC/product-releases/chunk-06/products/pom.xml Commented out SS in $CARBON_SRC/product-releases/chunk-06/products/pom.xml Run mvn clean install on $CARBON_SRC/product-releases/chunk-06/products/pom.xml Run mvn eclipse:eclipse on $CARBON_SRC/product-releases/chunk-06/products/pom.xml NOTE: I scripted

问题 I am overriding the method doGetExternalRoleListOfUser of the class classActiveDirectoryUserStoreManager in WSO2 IS. I do this to make IS return Active Directory nested group of a user since IS just return "direct" groups of a user as OOB feature. The code is quite simple, but when we consume the IS service getUserClaimValues to check the information of a user, I get the following soapFault error: <soapenv:Fault> <faultcode>soapenv:Server</faultcode> <faultstring>Error occurred while

问题 We are using WSO2 IS as the Identity Bus for our solutions. We make REST API in WSO2 ESB to implement our Integration and use OAuth mediator in that to securing our API. in WSO2 IS we create a service provider as sp1 and apply XACML policy to that. I want to create XACML policy to permit incoming requests just when client_ip is xxx.xxx.xxx.xxx and request URI is http://wso2ESB.uri/sampleApi/app and method is GET . please help me to make this XACML policy in WSO2 IS. 回答1: Currently WSO2

问题 I have set up WSO2 Identity Server with Office 365 (AAD) Identity Provider, the sso sample app travelocity.com and configured my Azure Active Directory application with the necessary permissions.I have disabled user consent on both side, Azure AD & my Identity Server. Using the sample app, the login is working fine but I receive the following error from travelocity.com An error has occurred SAML2 Response Issuer verification failed I guess the authentication is working, from the debug logging

问题 Some buildings will initially connect with their single sign-on based company account and we will need to determine how we can create the WSO2 account from that account information. More description :- The customer has informed us they want to use their own SSO server (could be SAML or OIDC). When a user logs into the system using valid credentials from that SSO, they are allowed to connect to our systems with tenant user permissions. Other permissions can be added by a system manager. This

问题 I am trying to configure my WSO2 Identity Server to set up service providers via a .xml file. Here are the steps I am taking: Paste the service provider .xml file into the $WSO2_HOME/repository/conf/identity/service-providers folder Run the wso2server.sh script in a fresh WSO2 environment (never setup, databases with empty tables) The .xml file I created in step 1 was created using the "export" feature from the console, so I am pretty confident it is set up correctly. Just in case, this is

问题 I have put the Identity server behind a reverse proxy with apache changing the default port to default HTTPS (to allow access without our internal network), I have then modified the XML files to remove the {port} from the endpoints, BUT the /commonauth endpoint is still being sent in SAML requests with the port as the assertionURL/return url? How do I change this? is it in any configs? Thanks again 回答1: Add proxyPort="443" attribute to the HTTPS connector element at the repository/conf/tomcat

问题 Anyone know why if I make a call to /userinfo endpoint I obtain different JSON response? Specifically: When I make a call with curl from command line, like $curl -k -H "Authorization: Bearer 2bcea7cc9d7e4b63fd2257aa31116512" https://localhost:9443/oauth2/userinfo?schema=openid I obtain as response the JSON: {"sub":"asela","name":"asela","preferred_username":"asela","given_name":"asela","family_name":"asela"} If I make the call with a java client (a library that implement the Authorization

问题 I am unable to implement Multifactor Authentication . The error i am getting is TID: [0] [WSO2 Identity Server] [2012-10-30 10:31:38,620] ERROR {org.wso2.carbon.identity.provider.xmpp.MPAuthenticationProvider} - login failed. Trying again.. {org.wso2.carbon.identity.provider.xmpp.MPAuthenticationProvider} SASL authentication failed: at org.jivesoftware.smack.SASLAuthentication.authenticate (SASLAuthentication.java:209) at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:341) at