[+ Johann] This looks great Pubudu! Wouldn't it be more meaningful if we use "sso_service_providers" instead of "sso_product_list"?
Thanks On Wed, Jun 29, 2016 at 5:28 PM, Pubudu Gunatilaka <[email protected]> wrote: > Hi, > > I have completed setting up sso for WSO2 products using WSO2 puppet > modules. This is really helpful when you need to automate the entire > process of setting up sso for WSO2 products. Basically you need to do the > sso changes in the product as well as in the WSO2 Identity Server or any > other Identity providers. Following are the changes that needs to be done > in hiera yaml files. > > *Any WSO2 product configuration:* > > Following hiera values [1] should be set in the product hiera file to > enable sso. Configurations include enable sso, login page url, service > provider id, sso serverice url and consumer service url. > > wso2::sso_authentication: > disabled: *false* > login_page: */carbon/admin/login.jsp* > service_provider_id: *wso2esb* > sso_service_url: *https://wso2is-default:10113/samlsso > <https://wso2is-default:10113/samlsso>* > consumer_service_url: *https://wso2esb-default:10095/acs > <https://wso2esb-default:10095/acs>* > > *WSO2 IS configuration:* > > You can create service providers in WSO2 IS based on the details you have > given to each and every product. Other fully automated option is to provide > the list of products that needs to be created service providers in WSO2 IS > hiera data file as below. > > wso2::sso_product_list: > wso2esb: > assertion_consumer_service_url: *https://wso2esb-default:9443/acs > <https://wso2esb-default:9443/acs>* > default_assertion_consumer_service_url: > *https://wso2esb-default:9443/acs > <https://wso2esb-default:9443/acs>* > wso2as: > assertion_consumer_service_url: *https://wso2as-default:9443/acs > <https://wso2as-default:9443/acs>* > default_assertion_consumer_service_url: *https://wso2as-default:9443/acs > <https://wso2as-default:9443/acs>* > > This will do the following changes in WSO2 IS side. > 1. Add a new service_provider block in sso-idp-config.xml. > 2. Create a new file under > <WSO2_IS>/repository/conf/identity/service-providers/ directory with the > same name of the service provider. > > The advantage of this is we can use this with docker containers. I have > tested this in Mesos. Please share your thoughts. > > [1] - > https://github.com/wso2/puppet-modules/blob/master/hieradata/dev/wso2/common.yaml#L169 > [2] - > https://github.com/wso2/puppet-modules/blob/master/hieradata/dev/wso2/wso2is/5.1.0/default/default.yaml#L35 > > Thank you! > -- > *Pubudu Gunatilaka* > Committer and PMC Member - Apache Stratos > Software Engineer > WSO2, Inc.: http://wso2.com > mobile : +94774078049 <%2B94772207163> > > -- *Imesh Gunaratne* Software Architect WSO2 Inc: http://wso2.com T: +94 11 214 5345 M: +94 77 374 2057 W: https://medium.com/@imesh TW: @imesh Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
