Re: [Dev] WSO2 IS - SAML SSO External IdP: handling several AttributeConsumingServiceIndex

2019-10-28 Thread Farasath Ahamed 
On Monday, October 28, 2019, Angelo Immediata  wrote:

> Hi all.
>
> I'm using WSO2 Identity Server version 5.8.0 and 5.9.0
>
> I have this scenario: I have external IdPs and I want to allow SAML
> integration with these IdPs. I can register them in WSO2 and all works
> pretty good.
>
> I was facing the following issue: I need to handle several
> AttributeConsumingService. So the first thing I created the WSO2
> ServiceProvider metadata file that I gave to the IdPs. This is the metadata
> content:
>
>> 
>> > ID="_3574ad74-ba7a-4ea5-b3e8-dbb2dafb55df" entityID="http://wso2_590_ai;>
>>> WantAssertionsSigned="true" protocolSupportEnumeration="
>> urn:oasis:names:tc:SAML:2.0:protocol">
>>   
>>  http://www.w3.org/2000/09/xmldsig#;>
>> 
>>
>> 
>>  
>>   
>>   > Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
>> Location="https://localhost:9443/samlsso; />
>>   urn:oasis:names:tc:SAML:2.0:nameid-
>> format:transient
>>   > Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
>> Location="https://localhost:9443/commonauth; index="0" isDefault="true"
>> />
>>   
>>  set0
>>  
>>  > />
>>  > Name="fiscalNumber" />
>>  > Name="email" />
>>  > />
>>   
>>   
>>  set1
>>  
>>  > />
>>  > Name="fiscalNumber" />
>>  > Name="email" />
>>  > />
>>  
>>  > Name="dateOfBirth" />
>>  > Name="placeOfBirth" />
>>   
>>   
>>  set2
>>  
>>  > />
>>  > Name="fiscalNumber" />
>>  > Name="email" />
>>  > />
>>  
>>  > Name="dateOfBirth" />
>>  > Name="placeOfBirth" />
>>  > Name="countyOfBirth" />
>>   
>>   
>>  set3
>>  
>>  > />
>>  > Name="fiscalNumber" />
>>  > Name="email" />
>>  > />
>>  
>>  > Name="dateOfBirth" />
>>  > Name="placeOfBirth" />
>>  > Name="countyOfBirth" />
>>  > Name="mobilePhone" />
>>   
>>   
>>  set4
>>  
>>  > />
>>  > Name="fiscalNumber" />
>>  > />
>>   
>>   
>>  set5
>>  
>>  > />
>>  > Name="fiscalNumber" />
>>  > />
>>  > Name="companyName" />
>>  > Name="registeredOffice" />
>>  > />
>>   
>>
>>
>>   Service provider WSO2
>> 590
>>   WSO2 590> OrganizationDisplayName>
>>   https://localhost:9443/> OrganizationURL>
>>
>> 
>
>
> As you can see I have six AttributeConsumingService. So far so good... the
> problem was how to solve this issue: let's suppose I have a Service
> Provider registered inside WSO2 IS and let's suppose the application
> related to this SP sends in the SAML Request the AttributeConsumingService
> index. How can I pass this AttributeConsumingService to the SAML request
> that WSO2 sends to the external IdPs? I found only one way: to modify the
>>
>> org.wso2.carbon.identity.application.authenticator.samlsso.manager.
>> DefaultSAML2SSOManager.buildAuthnRequest(HttpServletRequest, boolean,
>> String, AuthenticationContext)
>
> method. Just after this instruction
>
>> //Get the inbound SAMLRequest
>> AuthnRequest inboundAuthnRequest = getAuthnRequest(context);
>
>
> I added the following code:
>
>> Integer attrConsServiceIndex = inboundAuthnRequest.
>> getAttributeConsumingServiceIndex();
>> if( attrConsServiceIndex != null && attrConsServiceIndex > 0 ) {
>>if( log.isInfoEnabled() ) {
>> log.info("Inbound SAML Request AttributeConsumingServiceIndex "+
>> attrConsServiceIndex+" Settato nella auth request SAML");
>> }
>> authRequest.setAttributeConsumingServiceIndex(attrConsServiceIndex);
>> }
>
>
> In this way if the Application handled by a Service Provider sends an
> AttributeConsumingServiceIndex different from 0, this is set in the
> AuthnRequest that WSO2 IS builds for the external IdP. I don't know if
> there is a different way to solve it but as far as I investigated this is
> the only solution I found
>
> Is this a proper way?
>
> If so... I hope you can use it and this can be useful to other people.
>
> Thank you
> Angelo
>


-- 
Farasath Ahamed
Associate Technical Lead, WSO2 Inc.: http://wso2.com
Mobile: +94777603866
Blog: https://farasath.blogspot.com / https://medium.com/@farasath
Twitter: @farazath619 

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] WSO2 IS - SAML SSO External IdP: handling several AttributeConsumingServiceIndex

2019-10-28 Thread Angelo Immediata 
Hi all.

I'm using WSO2 Identity Server version 5.8.0 and 5.9.0

I have this scenario: I have external IdPs and I want to allow SAML
integration with these IdPs. I can register them in WSO2 and all works
pretty good.

I was facing the following issue: I need to handle several
AttributeConsumingService. So the first thing I created the WSO2
ServiceProvider metadata file that I gave to the IdPs. This is the metadata
content:

> 
>  ID="_3574ad74-ba7a-4ea5-b3e8-dbb2dafb55df" entityID="http://wso2_590_ai;>
> WantAssertionsSigned="true"
> protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
>   
>  http://www.w3.org/2000/09/xmldsig#;>
> 
>
> 
>  
>   
>Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="
> https://localhost:9443/samlsso; />
>
> urn:oasis:names:tc:SAML:2.0:nameid-format:transient
>Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="
> https://localhost:9443/commonauth; index="0" isDefault="true" />
>   
>  set0
>  
>  
>   Name="fiscalNumber" />
>   />
>  
>   
>   
>  set1
>  
>  
>   Name="fiscalNumber" />
>   />
>  
>  
>   Name="dateOfBirth" />
>   Name="placeOfBirth" />
>   
>   
>  set2
>  
>  
>   Name="fiscalNumber" />
>   />
>  
>  
>   Name="dateOfBirth" />
>   Name="placeOfBirth" />
>   Name="countyOfBirth" />
>   
>   
>  set3
>  
>  
>   Name="fiscalNumber" />
>   />
>  
>  
>   Name="dateOfBirth" />
>   Name="placeOfBirth" />
>   Name="countyOfBirth" />
>   Name="mobilePhone" />
>   
>   
>  set4
>  
>  
>   Name="fiscalNumber" />
>  
>   
>   
>  set5
>  
>  
>   Name="fiscalNumber" />
>  
>   Name="companyName" />
>   Name="registeredOffice" />
>   />
>   
>
>
>   Service provider WSO2
> 590
>   WSO2
> 590
>   https://localhost:9443/
> 
>
> 


As you can see I have six AttributeConsumingService. So far so good... the
problem was how to solve this issue: let's suppose I have a Service
Provider registered inside WSO2 IS and let's suppose the application
related to this SP sends in the SAML Request the AttributeConsumingService
index. How can I pass this AttributeConsumingService to the SAML request
that WSO2 sends to the external IdPs? I found only one way: to modify the
>
> org.wso2.carbon.identity.application.authenticator.samlsso.manager.DefaultSAML2SSOManager.buildAuthnRequest(HttpServletRequest,
> boolean, String, AuthenticationContext)

method. Just after this instruction

> //Get the inbound SAMLRequest
> AuthnRequest inboundAuthnRequest = getAuthnRequest(context);


I added the following code:

> Integer attrConsServiceIndex =
> inboundAuthnRequest.getAttributeConsumingServiceIndex();
> if( attrConsServiceIndex != null && attrConsServiceIndex > 0 ) {
>if( log.isInfoEnabled() ) {
> log.info("Inbound SAML Request AttributeConsumingServiceIndex "+
> attrConsServiceIndex+" Settato nella auth request SAML");
> }
> authRequest.setAttributeConsumingServiceIndex(attrConsServiceIndex);
> }


In this way if the Application handled by a Service Provider sends an
AttributeConsumingServiceIndex different from 0, this is set in the
AuthnRequest that WSO2 IS builds for the external IdP. I don't know if
there is a different way to solve it but as far as I investigated this is
the only solution I found

Is this a proper way?

If so... I hope you can use it and this can be useful to other people.

Thank you
Angelo
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 Analytics Dashboard 4.5.1 RC1

2019-10-28 Thread Lasantha Samarakoon 
Hi all,

We are calling-off this vote as we have found some issues in this RC. We
will release an RC2 and call for a vote soon.


Thanks,

On Mon, Oct 28, 2019 at 2:05 PM Dulanja Liyanage  wrote:

> Hi Lasantha,
>
> Have we done the security scanning for this?
>
> Thanks,
> Dulanja
>
> On Thu, 24 Oct 2019, 17:20 Fazlan Nazeem,  wrote:
>
>> Hi Lasantha,
>>
>> We came across the following issue[1], with Postgres with this release.
>> The docs[2] state specify configs for Postgres and hence we believe it is
>> supported.
>>
>> [1] https://github.com/wso2/analytics-apim/issues/759
>> [2] https://docs.wso2.com/display/SP440/Configuring+Datasources
>> 
>>
>>
>> On Wed, Oct 23, 2019 at 12:38 PM Lasantha Samarakoon 
>> wrote:
>>
>>> Hi all,
>>>
>>> We are pleased to announce the release candidate of the WSO2 Analytics
>>> Dashboard 4.5.1 release.
>>>
>>> WSO2 Analytics Dashboard consists of the following applications.
>>>
>>>- *Business Dashboards:* Allows users to create dashboards to
>>>visualize business data
>>>- *Monitoring:* Allows monitoring and observability for Streaming
>>>Integrator
>>>
>>> *Documentation*
>>>
>>> Documentation for each application are available at,
>>>
>>>- Business Dashboards:
>>>https://docs.wso2.com/display/SP440/Visualizing+Data
>>>- Monitoring:
>>>
>>> https://ei.docs.wso2.com/en/latest/streaming-integrator/admin/monitoring-the-streaming-integrator/
>>>
>>> *Download*
>>>
>>> The WSO2 Analytics Dashboard 4.5.1 RC1 distribution can be downloaded
>>> from https://github.com/wso2/analytics-dashboard/releases/tag/v4.5.1-rc1
>>> .
>>>
>>> *Tag to be voted upon*
>>>
>>>- Analytics Dashboard:
>>>https://github.com/wso2/analytics-dashboard/releases/tag/v4.5.1-rc1.
>>>
>>> Please download, and test the features and vote.
>>>
>>>- [+] Stable - go ahead and release
>>>- [-] Broken - do not release (explain why)
>>>
>>>
>>> ~ The Enterprise Integrator Team ~
>>>
>>>
>>
>> --
>> Thanks & Regards,
>>
>> *Fazlan Nazeem | *Associate Technical Lead | WSO2 Inc
>> Mobile : +94772338839 | fazl...@wso2.com
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>

-- 
*Lasantha Samarakoon*  | Senior Software Engineer | WSO2 Inc.
(M) +94 (71) 214 1576 | (E) lasant...@wso2.com

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 Analytics Dashboard 4.5.1 RC1

2019-10-28 Thread Dulanja Liyanage 
Hi Lasantha,

Have we done the security scanning for this?

Thanks,
Dulanja

On Thu, 24 Oct 2019, 17:20 Fazlan Nazeem,  wrote:

> Hi Lasantha,
>
> We came across the following issue[1], with Postgres with this release.
> The docs[2] state specify configs for Postgres and hence we believe it is
> supported.
>
> [1] https://github.com/wso2/analytics-apim/issues/759
> [2] https://docs.wso2.com/display/SP440/Configuring+Datasources
> 
>
>
> On Wed, Oct 23, 2019 at 12:38 PM Lasantha Samarakoon 
> wrote:
>
>> Hi all,
>>
>> We are pleased to announce the release candidate of the WSO2 Analytics
>> Dashboard 4.5.1 release.
>>
>> WSO2 Analytics Dashboard consists of the following applications.
>>
>>- *Business Dashboards:* Allows users to create dashboards to
>>visualize business data
>>- *Monitoring:* Allows monitoring and observability for Streaming
>>Integrator
>>
>> *Documentation*
>>
>> Documentation for each application are available at,
>>
>>- Business Dashboards:
>>https://docs.wso2.com/display/SP440/Visualizing+Data
>>- Monitoring:
>>
>> https://ei.docs.wso2.com/en/latest/streaming-integrator/admin/monitoring-the-streaming-integrator/
>>
>> *Download*
>>
>> The WSO2 Analytics Dashboard 4.5.1 RC1 distribution can be downloaded
>> from https://github.com/wso2/analytics-dashboard/releases/tag/v4.5.1-rc1.
>>
>> *Tag to be voted upon*
>>
>>- Analytics Dashboard:
>>https://github.com/wso2/analytics-dashboard/releases/tag/v4.5.1-rc1.
>>
>> Please download, and test the features and vote.
>>
>>- [+] Stable - go ahead and release
>>- [-] Broken - do not release (explain why)
>>
>>
>> ~ The Enterprise Integrator Team ~
>>
>>
>
> --
> Thanks & Regards,
>
> *Fazlan Nazeem | *Associate Technical Lead | WSO2 Inc
> Mobile : +94772338839 | fazl...@wso2.com
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev