You can follow [1] for enabling SSO for WSO2 Servers.
When you configure SSO for WSO2 Servers, you have to share either the user stores or the internal roles; otherwise you will end up with an authorization failure.
In this blog post I am going to post the steps to share the internal roles in WSO2IS and WSO2ESB.
i) Download WSO2IS 5.0.0 and WSO2ESB 4.8.1
ii) Set WSO2ESB's port offset to 1 in the <ESB_HOME>/repository/conf/carbon.xml file
iii) Open the <IS_HOME>/repository/conf/datasources/master-datasources.xml file and add the following data-source configuration
<datasource>
    <name>WSO2UM_DB</name>
    <description>The datasource used for user management</description>
    <jndiConfig>
        <name>jdbc/WSO2UM_DB</name>
    </jndiConfig>
    <definition type="RDBMS">
        <configuration>
            <!-- Ampersands in the JDBC URL must be written as &amp; inside XML -->
            <url>jdbc:mysql://localhost:3306/userstore?autoReconnect=true&amp;relaxAutoCommit=true</url>
            <username>db_username</username>
            <password>db_password</password>
            <driverClassName>com.mysql.jdbc.Driver</driverClassName>
            <maxActive>50</maxActive>
            <maxWait>60000</maxWait>
            <testOnBorrow>true</testOnBorrow>
            <validationQuery>SELECT 1</validationQuery>
            <validationInterval>30000</validationInterval>
        </configuration>
    </definition>
</datasource>
iv) Open the <ESB_HOME>/repository/conf/datasources/master-datasources.xml file and add the following data-source configuration
<datasource>
    <name>WSO2UM_DB</name>
    <description>The datasource used for user management</description>
    <jndiConfig>
        <name>jdbc/WSO2UM_DB</name>
    </jndiConfig>
    <definition type="RDBMS">
        <configuration>
            <!-- Ampersands in the JDBC URL must be written as &amp; inside XML -->
            <url>jdbc:mysql://localhost:3306/userstore?autoReconnect=true&amp;relaxAutoCommit=true</url>
            <username>db_username</username>
            <password>db_password</password>
            <driverClassName>com.mysql.jdbc.Driver</driverClassName>
            <maxActive>50</maxActive>
            <maxWait>60000</maxWait>
            <testOnBorrow>true</testOnBorrow>
            <validationQuery>SELECT 1</validationQuery>
            <validationInterval>30000</validationInterval>
        </configuration>
    </definition>
</datasource>
v) Open the <IS_HOME>/repository/conf/user-mgt.xml file and configure the datasource as follows (change the dataSource property)
<Configuration>
    <AddAdmin>true</AddAdmin>
    <AdminRole>admin</AdminRole>
    <AdminUser>
        <UserName>admin</UserName>
        <Password>admin</Password>
    </AdminUser>
    <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role see the registry root -->
    <Property name="dataSource">jdbc/WSO2UM_DB</Property>
</Configuration>
vi) Open the <ESB_HOME>/repository/conf/user-mgt.xml file and configure the datasource as follows (change the dataSource property)
<Configuration>
    <AddAdmin>true</AddAdmin>
    <AdminRole>admin</AdminRole>
    <AdminUser>
        <UserName>admin</UserName>
        <Password>admin</Password>
    </AdminUser>
    <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role see the registry root -->
    <Property name="dataSource">jdbc/WSO2UM_DB</Property>
</Configuration>
vii) Add the MySQL connector jar [2] to the <IS_HOME>/repository/components/lib folder
viii) Add the MySQL connector jar [2] to the <ESB_HOME>/repository/components/lib folder
ix) Create a database named WSO2UM_DB and run the following script on it:
<IS_HOME>/dbscripts/mysql.sql
x) Now start both WSO2IS and WSO2ESB. When you add an internal role in WSO2IS, it will show up in WSO2ESB as well.
xi) Now you can create a user in WSO2IS and assign that user an internal role which has login permission. Then try to log in to the ESB; you will be able to log in successfully.
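A way to check the master-datasources.xml and user-mgt.xml edits above before starting the servers, as an added example that is not part of the original post: the script resolves the dataSource property of each user-mgt.xml to its JDBC URL, confirms that both servers point at the same database (the database name in the URL has to match the database you create), and flags an admin password that equals the user name. The function names and the inline sample files are constructed for this example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample files, modelled on the snippets shown in the steps above.
DATASOURCES = """<datasources><datasource>
  <name>WSO2UM_DB</name>
  <jndiConfig><name>jdbc/WSO2UM_DB</name></jndiConfig>
  <definition type="RDBMS"><configuration>
    <url>jdbc:mysql://localhost:3306/userstore?autoReconnect=true&amp;relaxAutoCommit=true</url>
    <username>db_username</username>
    <password>db_password</password>
  </configuration></definition>
</datasource></datasources>"""

USER_MGT = """<UserManager><Realm><Configuration>
  <AdminUser><UserName>admin</UserName><Password>admin</Password></AdminUser>
  <Property name="dataSource">jdbc/WSO2UM_DB</Property>
</Configuration></Realm></UserManager>"""


def um_binding(datasources_xml, user_mgt_xml):
    """Resolve the dataSource property in user-mgt.xml to its JDBC settings."""
    jndi = ET.fromstring(user_mgt_xml).findtext(
        ".//Configuration/Property[@name='dataSource']")
    for ds in ET.fromstring(datasources_xml).iter("datasource"):
        if ds.findtext("jndiConfig/name") == jndi:
            url = ds.findtext("definition/configuration/url").strip()
            parsed = urlparse(url[len("jdbc:"):])  # drop the jdbc: prefix
            return {"jndi": jndi, "host": parsed.hostname, "port": parsed.port,
                    "database": parsed.path.lstrip("/")}
    return None  # user-mgt.xml names a datasource that is not defined


def check_shared_roles(is_files, esb_files):
    """Return a list of findings; no 'different stores' entry means both match."""
    findings = []
    is_b, esb_b = um_binding(*is_files), um_binding(*esb_files)
    if is_b is None or esb_b is None:
        findings.append("dataSource property does not match any jndiConfig name")
    elif is_b != esb_b:
        findings.append(f"servers use different stores: {is_b} vs {esb_b}")
    for product, (_, user_mgt) in (("IS", is_files), ("ESB", esb_files)):
        admin = ET.fromstring(user_mgt).find(".//AdminUser")
        if admin.findtext("UserName") == admin.findtext("Password"):
            findings.append(f"{product}: admin password equals the user name")
    return findings
```

To check a real installation, pass the contents of the two files read from <IS_HOME> and the two read from <ESB_HOME> as (master-datasources.xml, user-mgt.xml) pairs.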
[1] https://docs.wso2.com/display/IS500/Enabling+SSO+for+WSO2+Servers
[2] http://dev.mysql.com/downloads/connector/j/