Monday, September 23, 2013

OpenID with WSO2 IS 4.5.0

In this blog post, I've used a sample web app to demonstrate the SAML 2.0 behavior with WSO2 IS 4.5.0.

web app

There we used the first option (i.e. Click here to login with SAML from Identity Server)

In this blog post I'm going to explain how to log in with the OpenID URL provided by WSO2 IS 4.5.0 and how to log in to the app with a Google account.

(1) Login with OpenID url provided by WSO2 Identity Server.

- Before trying out this scenario, we first need to import the self-signed certificate used by the WSO2 server into the trust store of the web container where the web app is deployed.
Since we are using Apache Tomcat, let's import the certificate into the Java cacerts.

First export the certificate using the following command.

keytool -export -alias wso2carbon -keystore IS_HOME/repository/resources/security/wso2carbon.jks -storepass wso2carbon -file wso2carbon.pem

Now import this certificate into the Java cacerts.

keytool -import -alias wso2carbon -file wso2carbon.pem -keystore JAVA_HOME/jre/lib/security/cacerts
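
To confirm that the trust store now holds the same certificate that was exported, compare the SHA-256 fingerprint of the exported file with the imported entry. The script below is an added example, not part of the original post; the script name verify.sh and the function names are assumptions, and the sample fingerprint is constructed.

```shell
#!/usr/bin/env bash
# Added example: check that the trust-store entry is the certificate that was
# exported, by comparing the SHA-256 fingerprints reported by keytool.

# Constructed sample of the fingerprint lines keytool prints (not a real cert).
SAMPLE_KEYTOOL_OUTPUT='Certificate fingerprints:
   SHA1: 00:01:02:03:04:05:06:07:08:09:0A:0B:0C:0D:0E:0F:10:11:12:13
   SHA256: 00:01:02:03:04:05:06:07:08:09:0A:0B:0C:0D:0E:0F:10:11:12:13:14:15:16:17:18:19:1A:1B:1C:1D:1E:1F'

# Read keytool output on stdin; print its first SHA-256 fingerprint as
# upper-case hex without colons (prints nothing if none is found).
sha256_from_keytool() {
    sed -n 's/^[[:space:]]*SHA256:[[:space:]]*\([0-9A-Fa-f:]*\).*$/\1/p' |
        head -n 1 | tr -d ':' | tr 'a-f' 'A-F'
}

# Succeed only if the first value is a full 64-digit fingerprint and both match.
fingerprints_match() {
    [ "${#1}" -eq 64 ] && [ "$1" = "$2" ]
}

# verify_import <cert file> <trust store> <alias>
# keytool asks for the trust-store password when listing the entry.
verify_import() (
    exported=$(keytool -printcert -file "$1" | sha256_from_keytool)
    imported=$(keytool -list -v -alias "$3" -keystore "$2" | sha256_from_keytool)
    echo "exported file : $exported"
    echo "trust store   : $imported"
    fingerprints_match "$exported" "$imported"
)

# Example (hypothetical script name; use the alias given to keytool -import):
#   ./verify.sh wso2carbon.pem JAVA_HOME/jre/lib/security/cacerts <alias>
if [ "$#" -eq 3 ]; then
    verify_import "$@"
fi
```

A non-zero exit status, or an empty "trust store" line, means the alias does not hold the exported certificate.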

- Now click the second option in the web app
Login with OpenID
- You'll be redirected to IS for authentication

- Provide valid user name/password. Here I've provided default admin credentials (admin/admin)
- You'll be asked to approve the OpenID user profile.

OpenID user profile
- Click approve or approve always. You'll be logged in and will be able to see the home page.
Home Page

(2) Login with google account.

- Log out from your Google account if you've already logged in and click the third URL in the app.
Login with google account

- You'll be prompted to enter username/password. Provide valid credentials.

Login with google credentials
- You'll be logged in and can see the home page

Home Page
