For the ssl exception can’t you add system properties for truststore and
truststore password in client side (automation test) ?
Thanks & Regards
Danushka Fernando
Software Engineer
WSO2 inc. http://wso2.com/
Mobile : +94716332729
From: Punnadi Gunarathna
Sent: Monday, May 4, 2015 12:34 PM
To: WSO2 Developers' List
Hi All,
In order to write integration tests related to API Manger calls, It requires to
get the SAML_TOKEN as we have used SAML_TOKEN for login to API Manager in
APIManagerIntegrationService.
I had a offline chat with Dinusha and Lakmali and they provided me a code
sample which does that with the code [1].
Simply what happens in the code is that:
1. First talk to sso app's login page and retrieve the "sessionDataKey"
2. Then do a call to commonauth endpoint with sessionDataKey, tenant username
and password. This results the SAML Response.
An easy way to try this scenario with App Factory from the browser is as
follows:
Prerequisites:
Up and running App Factory setup with a working tenant (say [email protected]/admin)
1. Simply visit the AF login page and copy paste the full url to a notepad as
follows:
https://apps.appfactory.private.wso2.com:9443/carbon/appfactory/login_ajaxprocessor.jsp?SAMLRequest=PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPHNhbWwycDpBdXRoblJlcXVlc3QgSUQ9ImNvbG5iYW9jbGxla21jbWJhYWNtZ2xkampjbWZubmRjY21jZ2RoamIiIElzc3VlSW5zdGFudD0iMjAxNS0wNS0wNFQwNjo1NDo1Ny42ODFaIiBWZXJzaW9uPSIyLjAiIHhtbG5zOnNhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIj48c2FtbDI6SXNzdWVyIHhtbG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5BUFBGQUNUT1JZPC9zYW1sMjpJc3N1ZXI+PHNhbWwycDpOYW1lSURQb2xpY3kgQWxsb3dDcmVhdGU9InRydWUiIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6ZW50aXR5Ii8+PC9zYW1sMnA6QXV0aG5SZXF1ZXN0Pg==&issuer=APPFACTORY&sessionDataKey=2bf27df8-44c7-4bfd-984a-96b59ad4dad6&type=samlsso&commonAuthCallerPath=..%2F..%2Fsamlsso&forceAuthenticate=true
2. Just extract the sessionDataKey with value from 1 and create the below URL.
https://apps.appfactory.private.wso2.com:9443/commonauth?sessionDataKey=2bf27df8-44c7-4bfd-984a-96b59ad4dad6&[email protected]&password=admin
3. Now just paste it in the browser and hit enter, This will log you in. From
FireBug you can see thatSAMLResponse has received as the response.
When I try to use the same code, I came across few issues:
For me, just passing the login page didn't result sessionDataKey value. When I
passed the login url, I was able to retrieve SAML Request,RelayState and
SSOAuthSessionID.
Then I did a second call and got the sessionDataKey value.
Moreover the integration tests were run from my machine and AF setup is in
another machine. So I got the below issue.
javax.net.ssl.SSLException: hostname in certificate didn't match:
<apps.appfactory.private.wso2.com> != <localhost>
I was able to fix it by creating and adding a certificate for
"apps.appfactory.private.wso2.com" domain name in both client side and server
side.
But now I am getting some errors while I try to create tenants with new
certificate. I will look into it further.
[1]
https://github.com/wso2/carbon-appmgt/blob/master/components/appmgt/org.wso2.carbon.appmgt.sample.deployer/src/main/java/org/wso2/carbon/appmgt/sample/deployer/appcontroller/WebpageAccessor.java
--
Thanks and Regards,
Punnadi Gunarathna
Senior Software Engineer,
WSO2, Inc.; http://wso2.com
Blog: http://hi-my-world.blogspot.com/
Tel : 94 11 214 5345
Fax :94 11 2145300
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
