Include the following entry in the web.xml file of the application:
    <filter>
        <filter-name>TokenValidator</filter-name>
        <filter-class>org.wso2.solutions.identity.relyingparty.servletfilter.RelyingPartyFilter</filter-class>
        <init-param>
            <param-name>Keystore</param-name>
            <param-value>keys/wso2is.jks</param-value>
        </init-param>
        <init-param>
            <param-name>StorePass</param-name>
            <param-value>wso2is</param-value>
        </init-param>
        <init-param>
            <param-name>KeyAlias</param-name>
            <param-value>localhost</param-value>
        </init-param>
        <init-param>
            <param-name>KeyPass</param-name>
            <param-value>wso2is</param-value>
        </init-param>
        <init-param>
            <param-name>StoreType</param-name>
            <param-value>JKS</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>TokenValidator</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
Create a directory called "keys" directly inside the war directory. Download the keystore from here and place it in that directory.
    <form name="frm" id="frm" method="post" action="InfoCardLogin.action">
        <input type="hidden" name="InfoCardSignin" value="Log in" /><br/>
        <OBJECT type="application/x-informationCard" name="xmlToken">
            <PARAM Name="tokenType" Value="urn:oasis:names:tc:SAML:1.0:assertion">
            <PARAM Name="requiredClaims" Value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier">
            <PARAM Name="issuer" value="http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self">
        </OBJECT>
    </form>

The object tag here is the standard information card object as defined here.
It is important that you include the hidden field called "InfoCardSignin" with the value "Log in". The filter will process the HTTP POST request to extract the token sent when this request parameter is available.
The Ant script available here creates a directory named "required-lib" and copies all the required jar files into it. Download the Ant script and copy it to the identity distribution, then run it by typing ant create-required-lib. This creates the required-lib directory with the required libraries.
The results of token processing will be available as attributes in the ServletRequest object.
To indicate whether token verification was successful, the request carries an attribute named "org.wso2.solutions.identity.rp.State". On successful verification the value of this attribute is "success"; otherwise it is "failure".
Initiate a user session in a web application using these values.
The ServletRequest will also contain a set of attributes named after the claims (the part of the claim URI after the final "/"), with their values.

    String auth = (String) request.getAttribute(TokenVerifierConstants.SERVLET_ATTR_STATE);
    String welcomeString = "";
    if (auth != null && TokenVerifierConstants.STATE_SUCCESS.equals(auth)) {
        welcomeString = "Welcome ";
        String issuerInfo = (String) request.getAttribute("issuerInfo");
        // Retrieve the claims made by the user
        String givenName = (String) request.getAttribute(IdentityConstants.CLAIM_GIVEN_NAME);
        String surname = (String) request.getAttribute(IdentityConstants.CLAIM_SURNAME);
        String email = (String) request.getAttribute(IdentityConstants.CLAIM_EMAIL_ADDRESS);
        // Claim values come from the card; HTML-encode them before writing them to a page
        welcomeString = welcomeString + givenName + " " + surname + " " + email;
    } else {
        welcomeString = "Login Failure!!";
    }
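One way to initiate the user session from these attributes, as an added example that is not part of the original page or the WSO2 distribution. The servlet class, the session key "userPpid", the timeout and the landing page are assumptions; the state attribute and the "privatepersonalidentifier" claim name come from the text and form above.

```java
import java.io.IOException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

// Hypothetical servlet mapped to the form's action URL, behind the RelyingPartyFilter.
public class InfoCardLoginServlet extends HttpServlet {

    // Attribute name and success value as documented above.
    private static final String STATE_ATTR = "org.wso2.solutions.identity.rp.State";
    private static final String STATE_SUCCESS = "success";
    // Claim attributes are named after the last segment of the claim URI.
    private static final String PPID_ATTR = "privatepersonalidentifier";

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws IOException {
        // Read request *attributes* (set by the filter), never request parameters,
        // which the client controls.
        Object state = request.getAttribute(STATE_ATTR);
        Object ppid = request.getAttribute(PPID_ATTR);

        // Fail closed: a missing attribute, "failure", or an empty identifier all deny login.
        if (!STATE_SUCCESS.equals(state)
                || !(ppid instanceof String) || ((String) ppid).isEmpty()) {
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
                    "Information card login failed");
            return;
        }

        // Drop any pre-login session so a session ID issued before
        // authentication is not reused afterwards (session fixation).
        HttpSession old = request.getSession(false);
        if (old != null) {
            old.invalidate();
        }
        HttpSession session = request.getSession(true);
        session.setAttribute("userPpid", ppid);      // assumed session key
        session.setMaxInactiveInterval(15 * 60);     // assumed idle timeout, in seconds

        // Assumed landing page; a fixed path avoids redirecting to user-supplied URLs.
        response.sendRedirect(request.getContextPath() + "/home.jsp");
    }
}
```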