This document provides information and instructions on the functionality of the Management Console of WSO2 Identity Solution.
Your feedback on WSO2 Identity Solution is most appreciated. Please send it to our mailing lists.
Download and install the Identity Provider as described here.
Point your browser to https://host:port/admin. If you haven't changed the default settings, you should be able to log in at https://localhost:12443/admin/ with the username "admin" and password "admin".
WSO2 Identity Solution can access users from existing user stores. The Identity Provider will issue Managed Cards and Tokens for the users in the configured user store. You can have several user stores, but only one can be active at a time. A user store can be LDAP or JDBC.
Parameter Name | Description |
ConnectionUrl | LDAP connection url - e.g. ldap://localhost:389 |
ConnectionName | LDAP connection username. This must be a root user who can read attribute IDs |
ConnectionPass | LDAP connection password. |
UserPattern | User search pattern must be given - e.g. uid={0},ou=People,dc=wso2,dc=com |
UserContextName | Name of the context, where user objects are stored |
AttributeIds | User Attribute IDs that will be read by the IdP. Column names must be comma separated - e.g. email_address, telephone. These attributes will be included in the issued SAML tokens. |
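
How a `UserPattern` like the one in the table turns a login name into a user DN, as an added example that is not WSO2 Identity Solution code. It assumes `{0}` is replaced by the login name, and it escapes that name per RFC 4514 so it always remains a single RDN value; the function names are hypothetical.

```python
# Added illustration, not WSO2 code. Assumption: {0} in UserPattern is
# replaced by the login name to form the user's DN.
SPECIAL = set('"+,;<>\\')  # characters RFC 4514 requires escaping in a value

def escape_rdn_value(value):
    """Escape a string for use as one RDN attribute value (RFC 4514, 2.4)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in SPECIAL:
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        elif (ch == "#" and i == 0) or (ch == " " and i in (0, last)):
            out.append("\\" + ch)  # leading '#', leading or trailing space
        else:
            out.append(ch)
    return "".join(out)

def user_dn(user_pattern, login_name):
    """Expand UserPattern into a DN, keeping the login name a single value."""
    if user_pattern.count("{0}") != 1:
        raise ValueError("UserPattern must contain exactly one {0}")
    if not login_name:
        raise ValueError("login name is empty")
    return user_pattern.replace("{0}", escape_rdn_value(login_name))

def split_rdns(dn):
    """Split a DN on unescaped commas (enough to count its components)."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur += dn[i:i + 2]  # keep the escape pair together
            i += 2
        elif dn[i] == ",":
            parts.append(cur)
            cur = ""
            i += 1
        else:
            cur += dn[i]
            i += 1
    return parts + [cur]

if __name__ == "__main__":
    pattern = "uid={0},ou=People,dc=wso2,dc=com"  # example value from the table
    for name in ("alice", "smith, j", " bob"):     # constructed sample names
        dn = user_dn(pattern, name)
        print(dn, len(split_rdns(dn)))
```

With escaping, every sample name yields a DN with the same four components as the pattern; substituting "smith, j" without escaping would produce five.
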
Parameter Name | Description |
DriverName | JDBC Driver's class name. It must be present in the classpath - e.g. org.apache.derby.jdbc.EmbeddedDriver |
ConnectionURL | Connection URL to the database - e.g. jdbc:derby:home/identity/database/SAMPLE_DB |
ConnectionUserName | Connection username to the database |
ConnectionPassword | Connection password of the username |
UserTable | User table name in the database. |
UserNameColumn | User name column in the User table |
UserCredentialColumn | User credential column in the User table |
ColumnNames | Column names of the user table from where the user properties will be read. Column names must be comma separated - e.g. email_address, telephone. These attributes will be included in the issued SAML tokens. |
The standard set of claims of the http://schemas.xmlsoap.org/ws/2005/05/identity dialect and another set of sample claims are available in this view. Use the "add new dialect" option and "add new claim" option to add dialects and claims.
Click the "switch" icon in the claim detail section of each claim to enable/disable a claim.
A detailed guide on defining claims related to OpenID is available here.
This view allows mapping a claim to a user attribute in the user store. The available attribute identifiers will be shown in the claim edit view when the display name of a claim is selected.
User management currently allows the administrator to view the list of users who can use the identity provider.
The administrator can specify a list of relying parties trusted globally by the identity provider. To add a new relying party to this list, click on the "Add new trusted relying party" link and provide the certificate of the relying party. This certificate must be in DER format (when you export a certificate using the Java keytool, the certificate will be in DER format). The "Common Name" (CN) of this certificate will be used to identify the host name of the trusted relying party.
The administrator can view issued and revoked information cards using this view. A card can be revoked using the "Revoke Card" option.
Statistics provides information on user behavior, card downloads and token issuance. These are the reports that it generates.