Lots of thanks for your help. Waiting for the new release then!

On Sun, Jun 13, 2010 at 7:03 AM, Thilina Mahesh Buddhika <[email protected]> wrote:

> In Identity Server 3.0.0 release, we started supporting SAML 2.0 based SSO
> identity provider feature. But we did not include SAML 2.0 consumer feature
> which enables other Carbon products acting as SAML 2.0 based SSO relying
> parties.
>
> Currently, we are working on SAML 2.0 consumer components, and this feature
> will be available in our next release. With this feature, it will be
> possible to achieve single sign-on across all our products. In 2-3 weeks'
> time, the implementation will be completed, and you can try this in a
> nightly build taken from our trunk.
>
> But still, pointing to the same user-store will allow you to support
> unified login, where all the user information is maintained at a single
> point.
>
> WSO2 Identity Server currently supports 2-legged and 3-legged OAuth. Also
> the Gadget Server supports OAuth based authentication for gadgets. So the
> 2-legged OAuth support of Identity Server can be used to authenticate
> gadgets hosted in Gadget Server. We are currently testing
> the interoperability between these two entities.
>
> We will update you with the progress of these tasks.
>
> Thanks,
> Thilina
>
> On Sun, Jun 13, 2010 at 9:01 AM, Sanjiva Weerawarana <[email protected]> wrote:
>
>> I think the problem is that we are still not supporting SAML 2.0 in the
>> Gadget Server .. once that's done the single login should propagate. There
>> was a thread on this a while ago but can't remember the details! Maybe
>> Thilina or Prabath can explain the situation and plans to fix it properly
>> (including supporting 2-legged OAuth in GS).
>>
>> Sanjiva.
>>
>> 2010/6/12 Víctor Álvarez <[email protected]>
>>
>>> Thanks Thilina!
>>>
>>> But if I connect Gadget Server with the LDAP directly I wouldn't have
>>> Single Sign On for the Gadget Server, so users may have to log in again,
>>> if they already have a logged session on identity server.
>>> Is there another way to enable Single Sign On?
>>>
>>> Thanks in advance
>>>
>>> On Sat, Jun 12, 2010 at 5:44 AM, Thilina Mahesh Buddhika <[email protected]> wrote:
>>>
>>>> Hi Victor,
>>>>
>>>> This user guide [1] explains the necessary steps to configure Identity
>>>> Server to use an external user store like LDAP. This user guide is
>>>> applicable for Carbon 3.0.0 based products, like Identity Server 3.0.0,
>>>> Gadget Server 1.1.0, etc.
>>>>
>>>> For step 2, you can configure the Gadget Server to talk to the same LDAP
>>>> which is used by the Identity Server. (You can follow the same steps as in
>>>> [1])
>>>>
>>>> Thanks,
>>>> Thilina
>>>>
>>>> [1] - http://wso2.org/project/solutions/identity/3.0.0/docs/user-core/admin_guide.html
>>>>
>>>> 2010/6/11 Víctor Álvarez <[email protected]>
>>>>
>>>>> Hello,
>>>>>
>>>>> I'm developing a project where I should be able to integrate a WSO2
>>>>> Gadget Server with Google Apps and an external User Store based on LDAP...
>>>>>
>>>>> I need the integration piece, and WSO2 Identity Server seems a good
>>>>> choice.
>>>>>
>>>>> I planned to do these steps:
>>>>>
>>>>> 1 - Google Apps through Identity Server
>>>>>
>>>>> In order to provide Single Sign On, Identity Server seems to be easily
>>>>> configured as User Store through SAML 2.0 as exposed on:
>>>>>
>>>>> http://blog.thilinamb.com/2010/04/saml-20-based-single-sign-on-with-wso2.html
>>>>>
>>>>> 2 - Gadget Server through Identity Server
>>>>>
>>>>> I think it's possible, but can't find any documentation about
>>>>> integration.
>>>>>
>>>>> Identity Server can act like an LDAP, isn't it? How to configure it then?
>>>>>
>>>>> Then I would provide Gadget Server with external LDAP user store
>>>>> pointing to Identity Server
>>>>>
>>>>> 3 - Identity Server with LDAP external user store.
>>>>>
>>>>> Identity Server can be configured against an LDAP server by User
>>>>> Management Configuration, but I can't find this option on the menu!!!
>>>>> I already found a configuration xml for User Management
>>>>>
>>>>> [[Configuration Documentation |
>>>>> http://wso2.org/project/solutions/identity/3.0.0/docs/user-core/admin_guide.html]]
>>>>>
>>>>>     <!-- UserStoreManager class="org.wso2.carbon.user.core.ldap.LDAPUserStoreManager">
>>>>>         <Property name="ConnectionURL">ldap://localhost:10389</Property>
>>>>>         <Property name="ConnectionName">uid=admin,ou=system</Property>
>>>>>         <Property name="ConnectionPassword">admin123</Property>
>>>>>         <Property name="UserSearchBase">ou=system</Property>
>>>>>         <Property name="UserNameListFilter">(objectClass=person)</Property>
>>>>>         <Property name="UserNameAttribute">uid</Property>
>>>>>         <Property name="ReadLDAPGroups">false</Property>
>>>>>         <Property name="GroupSearchBase">ou=system</Property>
>>>>>         <Property name="GroupSearchFilter">(objectClass=groupOfNames)</Property>
>>>>>         <Property name="GroupNameAttribute">cn</Property>
>>>>>         <Property name="MembershipAttribute">member</Property>
>>>>>     </UserStoreManager -->
>>>>>     <!-- Active directory configuration follows -->
>>>>>     <!-- UserStoreManager class="org.wso2.carbon.user.core.ldap.LDAPUserStoreManager">
>>>>>         <Property name="ConnectionURL">ldap://10.100.1.211:389</Property>
>>>>>         <Property name="ConnectionName">cn=Administrator,cn=users,dc=wso2,dc=lk</Property>
>>>>>         <Property name="ConnectionPassword">admin123</Property>
>>>>>         <Property name="UserSearchBase">cn=users,dc=wso2,dc=lk</Property>
>>>>>         <Property name="UserNameListFilter">(objectClass=person)</Property>
>>>>>         <Property name="UserNameAttribute">sAMAccountName</Property>
>>>>>         <Property name="ReadLDAPGroups">true</Property>
>>>>>         <Property name="GroupSearchBase">cn=users,dc=wso2,dc=lk</Property>
>>>>>         <Property name="GroupSearchFilter">(objectcategory=group)</Property>
>>>>>         <Property name="GroupNameAttribute">cn</Property>
>>>>>         <Property name="MemberOfAttribute">memberOf</Property>
>>>>>     </UserStoreManager -->
>>>>>
>>>>> Then it should be "easy" to configure an LDAP server with these params.
>>>>>
>>>>> Did any of you do something similar?
>>>>>
>>>>> Am I on the right way to the solution?
>>>>>
>>>>> Can anyone help me on Step 2?
>>>>>
>>>>> Lots of thanks to all!
>>>>>
>>>>> --
>>>>> Víctor Álvarez
>>>>> Incoming IT www.incomingIT.com
>>>>> www.twitter.com/incomingIT
>>>>> Writing in and about Web Accessibility:
>>>>> http://accesibilidad.blogspot.com
>>>>
>>>> --
>>>> Thilina Mahesh Buddhika
>>>> Senior Software Engineer
>>>> WSO2 Inc. ; http://wso2.com
>>>> lean . enterprise . middleware
>>>>
>>>> phone : +94 77 44 88 727
>>>> blog : http://blog.thilinamb.com
>>
>> --
>> Sanjiva Weerawarana, Ph.D.
>> Founder, Chairman & CEO; WSO2, Inc.; http://wso2.com/
>> email: [email protected]; phone: +1 408 754 7388 x51726; cell: +94 77 787 6880 | +1 650 265 8311
>> blog: http://sanjiva.weerawarana.org/
>>
>> Lean . Enterprise . Middleware

--
Víctor Álvarez
Incoming IT www.incomingIT.com
www.twitter.com/incomingIT
Writing in and about Web Accessibility:
http://accesibilidad.blogspot.com

_______________________________________________ Carbon-dev mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
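
An added example, not part of the original thread and not WSO2 code: a check that two products' user-management configurations point at the same LDAP user store (the unified-login setup described in the thread), which also flags the `ldap://` scheme and the sample `admin123` bind password seen in the posted configuration. The `<UserManager>` wrapper, the `sample()` helper and the host/port values passed to it are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

LDAP_CLASS = "org.wso2.carbon.user.core.ldap.LDAPUserStoreManager"
# Properties that must agree for two products to resolve the same users.
IDENTITY_KEYS = ("ConnectionURL", "UserSearchBase",
                 "UserNameListFilter", "UserNameAttribute")

def ldap_props(xml_text):
    """Property map of the active LDAP user store, or None if there is none."""
    for mgr in ET.fromstring(xml_text).iter("UserStoreManager"):
        if mgr.get("class") == LDAP_CLASS:
            return {p.get("name"): (p.text or "").strip()
                    for p in mgr.iter("Property")}
    return None  # ElementTree drops comments, so a <!-- ... --> block is not seen

def store_mismatches(a, b):
    """Keys on which two products disagree; an empty list means one shared store."""
    return [k for k in IDENTITY_KEYS if a.get(k) != b.get(k)]

def findings(props):
    """Settings from the posted sample that should be changed before real use."""
    out = []
    scheme = urlparse(props.get("ConnectionURL", "")).scheme
    if scheme != "ldaps":
        out.append(f"ConnectionURL scheme is '{scheme}', not 'ldaps'")
    if props.get("ConnectionPassword") == "admin123":
        out.append("ConnectionPassword is still the sample value admin123")
    return out

def sample(url, commented=False):
    """Constructed config; <UserManager> is a placeholder wrapper element."""
    opener, closer = ("<!-- ", " -->") if commented else ("<", ">")
    return f"""<UserManager>
{opener}UserStoreManager class="{LDAP_CLASS}">
  <Property name="ConnectionURL">{url}</Property>
  <Property name="ConnectionPassword">admin123</Property>
  <Property name="UserSearchBase">ou=system</Property>
  <Property name="UserNameListFilter">(objectClass=person)</Property>
  <Property name="UserNameAttribute">uid</Property>
</UserStoreManager{closer}
</UserManager>"""

if __name__ == "__main__":
    identity_server = ldap_props(sample("ldap://localhost:10389"))
    gadget_server = ldap_props(sample("ldap://localhost:389"))
    print("mismatched keys:", store_mismatches(identity_server, gadget_server))
    print("findings:", findings(identity_server))
```

A block left inside `<!-- ... -->`, as in the configuration quoted in the thread, returns `None` from `ldap_props`, which is the state in which the product is not using LDAP at all.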
