<filter> <filter-name>TokenValidator</filter-name> <filter-class>org.wso2.solutions.identity.relyingparty.servletfilter.RelyingPartyFilter</filter-class> <init-param> <param-name>config-file</param-name> <param-value>/path/to/config.xml</param-value> </init-param> </filter> <filter-mapping> <filter-name>TokenValidator</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
<RPConfig> <ServiceKey> <Keystore>/path/to/keystore</Keystore> <StorePass>your_keystore_password</StorePass> <KeyAlias>alias_of_private_key</KeyAlias> <KeyPass>password_of_private_key</KeyPass> <StoreType>keystore_type_(JKS_or_PKCS12)</StoreType> </ServiceKey> <VerifierService>http://localhost:12080/wsas/services/RelyingPartyService</VerifierService> </RPConfig>In the above configuration there are two main configuration elements :
<form name="frm" id="frm" method="post" action="InfoCardLogin.action"> <input type="hidden" name="InfoCardSignin" value="Log in" /><br/> <OBJECT type="application/x-informationCard" name="xmlToken"> <PARAM Name="tokenType" Value="urn:oasis:names:tc:SAML:1.0:assertion"> <PARAM Name="requiredClaims" Value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier"> <PARAM Name="issuer" value="http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self"> </OBJECT> </form>The object tag here is the standard information card object as defined here. It is important that you include the hidden field called "InfoCardSignin" with the value "Log in". The filter will process the HTTP POST request to extract the token sent when this request parameter is available.
These values can be used by the developer to initiate a user session in a web application.