Author: ruchith
Date: Sun Dec 9 18:58:02 2007
New Revision: 10740

Log:
Updated documentation

Modified:
trunk/solutions/identity/modules/documentation/src/site/xdoc/ac_sample.xml
trunk/solutions/identity/modules/documentation/src/site/xdoc/idp_sample.xml

Modified: trunk/solutions/identity/modules/documentation/src/site/xdoc/ac_sample.xml ============================================================================== --- trunk/solutions/identity/modules/documentation/src/site/xdoc/ac_sample.xml (original) +++ trunk/solutions/identity/modules/documentation/src/site/xdoc/ac_sample.xml Sun Dec 9 18:58:02 2007 
@@ -12,43 +12,81 @@ <p>The Identity Provider of WSO2 Identty Solution is based on <a href="http://wso2.org/projects/wsas/java">WSO2 Web Services Application Server (WSAS)</a>. The WSAS instance used by the Identity Provider can be -accessed using the <a href="../wsas">wsas</a> context.</p> +accessed using the "wsas" context.</p> -<p>First log into <a href="../wsas">WSAS</a> management console (default admin - user name is "admin" and password is "admin") and create a user account with -the role "user". +<p>https://localhost:12443/wsas</p> +<p>First log into WSAS management console (default admin +user name is "admin" and password is "admin") and create a user account with +the role "user". +Now use the "Security" option in WSAS to create a user ("alice") with the role +"user". </p> <h3>Step 2 : Change user store</h3> <p> - Now log into the <a href="../admin">Identity Provider management console </a> + Now log into the "Identity Provider management console" (default admin user name is "admin" and password is "admin") and set "wsasRealmForAccessControlSample" user store configuration as the default user - store. + store in "User Stores" configuration. </p> <h3>Step 3 : Define claims</h3> +<p> +Now since we changed the user store the enabled claims and claim mappings will +have to be set. 
+</p> + +<p>Enable "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" +claim.</p> +<p>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier +claim is enabled by default.</p> + +<p>Now in the "WSO2 Claims" add a new claim with following details :</p> + +<ul> +<li>Claim URI : http://identity.wso2.org/claims/roles</li> +<li>Display Tag : Roles</li> +<li>Description : WSAS user roles</li> +</ul> + +<p>Enable "http://identity.wso2.org/claims/roles" claim</p> <h3>Step 4 : Map claims</h3> +<p>Use the "Claim Mappings" configuration to map claims to user properties as +listed below : </p> + +<ul> +<li>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname : username</li> +<li>http://identity.wso2.org/claims/roles : roles</li> +</ul> + + <h3>Step 5 : Login to the user application and obtain a card</h3> +<p>Log into the "Identity Provider" with the user credentials created in "Step 1" +, download an information card and install it in your identity selector. +</p> + <h3>Step 6 : Try the access control application</h3> <p> -Point the browser to the sample access control demo relying party available -<a href="../ac/">here</a>. - +Point the browser to the sample access control demo relying party available in +the "ac" context of the identity provider container. +</p> +<p>https://localhost:12443/ac/</p> +. +<p> Use the information card "alice" obtained earlier to log into this application. -The web app will display the following output :</p> +The web app will display that the user is not an admin user.</p> -<p>Now add "admin" role to "alice" using <a href="../wsas">WSAS management -console</a></p> and log into the application again. Now since "alice" has the -"admin" role the application will recognize "alice" as an admin user. +<p>Now add "admin" role to "alice" using "WSAS management +console" and log into the application again. 
Now since "alice" has the +"admin" role the application will recognize "alice" as an admin user.</p> </body> </html> \ No newline at end of file Modified: trunk/solutions/identity/modules/documentation/src/site/xdoc/idp_sample.xml ============================================================================== --- trunk/solutions/identity/modules/documentation/src/site/xdoc/idp_sample.xml (original) +++ trunk/solutions/identity/modules/documentation/src/site/xdoc/idp_sample.xml Sun Dec 9 18:58:02 2007 
@@ -23,9 +23,36 @@ <h2>Sample Identity Provider</h2> +<h3>Set up</h3> + +<p><strong>IMPORTANT:</strong> Set sampleRealm as the default user store +using "Set as default" option in the "User Stores" configuration.</p> + +<p> +Now since we changed the user store the enabled claims and claim mappings will +have to be set. +</p> + +<p>Enable following claims : </p> +<ul> +<li>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname</li> +<li>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname</li> +<li>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</li> +</ul> +<p>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier +claim is enabled by default.</p> + +<p>Use the "Claim Mappings" configuration to map claims to user properties as +listed below : </p> + +<ul> +<li>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname : FIRSTNAME</li> +<li>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname : LASTNAME</li> +<li>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress : EMAIL</li> +</ul> <p>WSO2 Identity Solution has a in-build sample Identity Provider (IdP), which has the full functionality</p> -Sample IdP is configured to, +<P>Now, the identity provider is configured to,</P> <ul> <li>Trust users with following username and passwords</li> <table> _______________________________________________ Identity-dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/identity-dev
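Review bot: In ac_sample.xml, Step 6 gains a lone "." on its own line between the paragraph holding https://localhost:12443/ac/ and the next <p>, so it ends up as stray text outside any paragraph; drop it. In Step 1 the added sentence 'Now use the "Security" option in WSAS to create a user ("alice") with the role "user"' repeats the instruction immediately before it ('create a user account with the role "user"'); merge the two into one sentence that names the "Security" option and the user "alice". The two https://localhost:12443 addresses replace what used to be relative links and are now plain paragraph text with a hard-coded host and port, so either keep them as links or state that they assume a local install. Steps 1 and 2 also continue to give admin/admin as the login for both management consoles with no hint that it should be changed; one sentence saying so would fit next to the new URL.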
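Review bot: In idp_sample.xml, the replacement line at the end of the hunk is written with uppercase <P>...</P> while every other paragraph added in this hunk uses lowercase <p>; this is an xdoc XML file and element names are case-sensitive, so use <p> here. The new "Set up" section is also inserted between the <h2>Sample Identity Provider</h2> heading and the introductory paragraph ("WSO2 Identity Solution has a in-build sample Identity Provider ..."), so the reader meets the configuration steps before the introduction; moving the section below that paragraph would read better and would let "Now, the identity provider is configured to," follow the steps it refers to. While touching that paragraph, "a in-build" in the context line could be corrected to "an in-built".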
