AFAIK there is no SAML protocol. We are always using the SSL protocol. And the
exception you mentioned is caused because the client doesn't trust the server.
In SSL there is one-way SSL and two-way SSL or mutual SSL. This is about
one-way SSL, where the client needs to trust the server. Since in the default
packs we have self-signed certs, we can get rid of the exception by using the
Java system property.
Thanks & Regards
Danushka Fernando
Software Engineer
WSO2 inc. http://wso2.com/
Mobile : +94716332729
From: Punnadi Gunarathna
Sent: Tuesday, May 5, 2015 1:17 PM
To: Danushka Fernando
Cc: WSO2 Developers' List
Hi Danushka,
I think the problem occurred while executing the SAML protocol, not with the SSL
protocol. So the solution would be to create new cert and key pairs with the
custom domain and import them to the keystore/trust store on both the server
side (AF setup) and the client side (Integration tests).
On Mon, May 4, 2015 at 3:14 PM, <[email protected]> wrote:
For the SSL exception, can't you add system properties for the truststore and
truststore password on the client side (automation test)?
Thanks & Regards
Danushka Fernando
Software Engineer
WSO2 inc. http://wso2.com/
Mobile : +94716332729
From: Punnadi Gunarathna
Sent: Monday, May 4, 2015 12:34 PM
To: WSO2 Developers' List
Hi All,
In order to write integration tests related to API Manager calls, it is required
to get the SAML_TOKEN, as we have used SAML_TOKEN for login to API Manager in
APIManagerIntegrationService.
I had an offline chat with Dinusha and Lakmali and they provided me a code
sample which does that with the code [1].
Simply what happens in the code is that:
1. First talk to sso app's login page and retrieve the "sessionDataKey"
2. Then do a call to the commonauth endpoint with sessionDataKey, tenant username
and password. This results in the SAML Response.
An easy way to try this scenario with App Factory from the browser is as
follows:
Prerequisites:
Up and running App Factory setup with a working tenant (say [email protected]/admin)
1. Simply visit the AF login page and copy paste the full url to a notepad as
follows:
https://apps.appfactory.private.wso2.com:9443/carbon/appfactory/login_ajaxprocessor.jsp?SAMLRequest=PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPHNhbWwycDpBdXRoblJlcXVlc3QgSUQ9ImNvbG5iYW9jbGxla21jbWJhYWNtZ2xkampjbWZubmRjY21jZ2RoamIiIElzc3VlSW5zdGFudD0iMjAxNS0wNS0wNFQwNjo1NDo1Ny42ODFaIiBWZXJzaW9uPSIyLjAiIHhtbG5zOnNhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIj48c2FtbDI6SXNzdWVyIHhtbG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5BUFBGQUNUT1JZPC9zYW1sMjpJc3N1ZXI+PHNhbWwycDpOYW1lSURQb2xpY3kgQWxsb3dDcmVhdGU9InRydWUiIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6ZW50aXR5Ii8+PC9zYW1sMnA6QXV0aG5SZXF1ZXN0Pg==&issuer=APPFACTORY&sessionDataKey=2bf27df8-44c7-4bfd-984a-96b59ad4dad6&type=samlsso&commonAuthCallerPath=..%2F..%2Fsamlsso&forceAuthenticate=true
2. Just extract the sessionDataKey with value from 1 and create the below URL.
https://apps.appfactory.private.wso2.com:9443/commonauth?sessionDataKey=2bf27df8-44c7-4bfd-984a-96b59ad4dad6&[email protected]&password=admin
3. Now just paste it in the browser and hit enter. This will log you in. From
Firebug you can see that the SAMLResponse has been received as the response.
When I tried to use the same code, I came across a few issues:
For me, just passing the login page didn't result in a sessionDataKey value. When I
passed the login URL, I was able to retrieve the SAML Request, RelayState and
SSOAuthSessionID.
Then I did a second call and got the sessionDataKey value.
Moreover, the integration tests were run from my machine and the AF setup is on
another machine. So I got the below issue.
javax.net.ssl.SSLException: hostname in certificate didn't match:
<apps.appfactory.private.wso2.com> != <localhost>
I was able to fix it by creating and adding a certificate for
"apps.appfactory.private.wso2.com" domain name in both client side and server
side.
But now I am getting some errors while I try to create tenants with the new
certificate. I will look into it further.
[1]
https://github.com/wso2/carbon-appmgt/blob/master/components/appmgt/org.wso2.carbon.appmgt.sample.deployer/src/main/java/org/wso2/carbon/appmgt/sample/deployer/appcontroller/WebpageAccessor.java
--
Thanks and Regards,
Punnadi Gunarathna
Senior Software Engineer,
WSO2, Inc.; http://wso2.com
Blog: http://hi-my-world.blogspot.com/
Tel : 94 11 214 5345
Fax :94 11 2145300
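
Added example, not part of the original thread and not the code at [1]: a small helper for debugging the login step described above, which pulls the sessionDataKey out of a login URL and decodes the SAMLRequest parameter so the AuthnRequest (issuer, ID, timestamp) can be checked. It accepts both plain base64 XML, as in the URL quoted in the thread, and the deflated form used by the SAML HTTP-Redirect binding. The host name, request ID, sessionDataKey and function names are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlsplit

SAML2 = "{urn:oasis:names:tc:SAML:2.0:assertion}"

def decode_saml_request(value):
    """Return the AuthnRequest XML bytes carried in a SAMLRequest parameter."""
    # parse_qs turns an unescaped '+' into a space; restore it before decoding.
    raw = base64.b64decode(value.replace(" ", "+"))
    if not raw.lstrip().startswith(b"<"):
        # HTTP-Redirect binding: raw DEFLATE was applied before base64.
        raw = zlib.decompress(raw, -15)
    if b"<!DOCTYPE" in raw:
        raise ValueError("DTD in AuthnRequest, refusing to parse")
    return raw

def inspect_login_url(url):
    """Pull the sessionDataKey and AuthnRequest details out of a login URL."""
    query = parse_qs(urlsplit(url).query)
    if "sessionDataKey" not in query:
        # No key yet: the login flow needs a further request first.
        raise LookupError("URL carries no sessionDataKey")
    root = ET.fromstring(decode_saml_request(query["SAMLRequest"][0]))
    return {
        "sessionDataKey": query["sessionDataKey"][0],
        "issuer": root.findtext(SAML2 + "Issuer"),
        "request_id": root.get("ID"),
        "issue_instant": root.get("IssueInstant"),
    }

# Constructed sample request and host name, not the values from the thread.
SAMPLE_XML = (
    b'<?xml version="1.0" encoding="UTF-8"?>'
    b'<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"'
    b' ID="example-request-id" IssueInstant="2015-05-04T06:54:57Z" Version="2.0">'
    b'<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">'
    b'APPFACTORY</saml2:Issuer></saml2p:AuthnRequest>'
)

def sample_url(deflate=False):
    """Build a constructed login URL in either SAMLRequest encoding."""
    body = SAMPLE_XML
    if deflate:
        comp = zlib.compressobj(wbits=-15)
        body = comp.compress(body) + comp.flush()
    params = {"SAMLRequest": base64.b64encode(body).decode(), "type": "samlsso",
              "sessionDataKey": "00000000-0000-4000-8000-000000000000"}
    return "https://idp.example.test:9443/login?" + urlencode(params)
```

Calling inspect_login_url(sample_url()) or inspect_login_url(sample_url(deflate=True)) returns the same dictionary; a URL without a sessionDataKey raises LookupError.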