Ruwan, Hi again, figured it out, :). It was obviously silly for me to use the ACS URL, since this was actually an application not a carbon server, :). So I used the webapp URL instead and it all works like a charm. Great piece of work.
Thanks, Senaka. On Sat, Jul 19, 2014 at 11:53 AM, Senaka Fernando <[email protected]> wrote: > Hi Ruwan, > > I bumped into a small problem when trying this out. May be I have made an > obvious mistake somewhere. So, this is what I did. > > 1. I created the webapp using App-M, and enabled SAML2 SSO. > 2. Then published it to Store and Subscribed to it. > 3. I then started IS 5.0.0 with Offset 1 (I figured that the in-built > SAML2 SSO in App-M is not working as yet and it was meant to setup external > IS for the moment). > 4. In IS, I created an SP using the application name as the relying party > and set the ACS URL to be that of App-M. > 5. Now, when I tryout the application it in fact authenticates fine with > IS. But, it does not redirect back to the App-M ACS. > > Can you tell me whether I'm missing something? I have pasted the SAML > request here FYR. > > > SAMLRequest=PHNhbWxwOkF1dGhuUmVxdWVzdCB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiAgIEFzc2VydGlvbkNvbnN1bWVyU2VydmljZVVSTD0iaHR0cDovLzE5Mi4xNjguMTE5LjE6ODI4MC9leGFtcGxlLzEuMC4wLyIgICBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9sb2NhbGhvc3Q6OTQ0NC9zYW1sc3NvIiAgIEZvcmNlQXV0aG49ImZhbHNlIiAgIElEPSIwIiAgIElzUGFzc2l2ZT0iZmFsc2UiICAgSXNzdWVJbnN0YW50PSIyMDE0LTAyLTEwVDEzOjU5OjI1Ljc3MVoiICAgUHJvdG9jb2xCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1QT1NUIiAgIFZlcnNpb249IjIuMCI%2BPHNhbWxwOklzc3VlciB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI%2BRXhhbXBsZTwvc2FtbHA6SXNzdWVyPjxzYW1sMnA6TmFtZUlEUG9saWN5IHhtbG5zOnNhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiAgIEFsbG93Q3JlYXRlPSJ0cnVlIiAgIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6cGVyc2lzdGVudCIgICBTUE5hbWVRdWFsaWZpZXI9Iklzc3VlciIvPjxzYW1sMnA6UmVxdWVzdGVkQXV0aG5Db250ZXh0IHhtbG5zOnNhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiAgIENvbXBhcmlzb249ImV4YWN0Ij48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj4gICB1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZFByb3RlY3RlZFRyYW5zcG9ydDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWwycDpSZXF1ZXN0ZWRBdXRobkNvbnRleHQ%2BPC9zYW1scDpBdXRoblJlcXVlc3Q%2B&relyingParty=Example&sessionDataKey=2bceb0b2-5e59-4f61-8e14-e155389d5772&type=samlsso&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&authenticators=BasicAuthenticator:LOCAL > > Thanks, > Senaka. > > -- > > > *[image: http://wso2.com] <http://wso2.com> Senaka Fernando* > Software Architect; WSO2 Inc.; http://wso2.com > > > > * Member; Apache Software Foundation; http://apache.org > <http://apache.org>E-mail: senaka AT wso2.com <http://wso2.com>**P: +1 > 408 754 7388 <%2B1%20408%20754%207388>; ext: 51736*; > > > *M: +44 782 741 1966 <%2B44%20782%20741%201966> Linked-In: > http://linkedin.com/in/senakafernando > <http://linkedin.com/in/senakafernando>*Lean . Enterprise . Middleware > -- *[image: http://wso2.com] <http://wso2.com> Senaka Fernando* Software Architect; WSO2 Inc.; http://wso2.com * Member; Apache Software Foundation; http://apache.org <http://apache.org>E-mail: senaka AT wso2.com <http://wso2.com>**P: +1 408 754 7388; ext: 51736*; *M: +44 782 741 1966 Linked-In: http://linkedin.com/in/senakafernando <http://linkedin.com/in/senakafernando>*Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
