WSO2 Identity Solution, v1.0-beta - Administrator's Guide
This document provides information and instructions on the functionality
of the Management Console of WSO2 Identity Solution.
Your feedback on WSO2 Identity Solution is most appreciated. Please send it to our mailing lists.
Logging in to the Admin Console
Download and install Identity Provider as in
here
Point your browser to https://host:port/admin. If you haven't changed
the default settings, you should be able to log in at
https://localhost:12443/admin/ using username "admin" and password "admin".
User Stores
WSO2 Identity Solution can access users from existing user stores. The Identity Provider will
issue Managed Cards and Tokens for the users in the configured user store. You can have several user
stores, but only one can be active at a time. A user store can be LDAP or JDBC.
LDAP - org.wso2.usermanager.custom.ldap.LDAPRealm
ConnectionUrl | LDAP connection url. For example "ldap://localhost:389" |
ConnectionName | LDAP connection username. This must be a root user who can read attribute IDs |
ConnectionPass | LDAP connection password. |
UserPattern | User search pattern must be given. For example uid={0},ou=People,dc=wso2,dc=com |
UserContextName | Name of the context, where user objects are stored |
AttributeIds | User Attribute IDs that will be read by the IdP. Column names must be comma separated. For example: email_address, telephone. These attributes will be included in the issued SAML tokens. |
JDBC - org.wso2.usermanager.custom.jdbc.JDBCRealm
DriverName | JDBC Driver's class name. It must be present in the classpath |
ConnectionURL | Connection URL to the database |
ConnectionUserName | Connection username to the database |
ConnectionPassword | Connection password of the username |
UserTable | User table name in the database |
UserNameColumn | User name column in the User table |
UserCredentialColumn | User credential column in the User table |
ColumnNames | Column names of the user table from where the user properties will be read. Column names must be comma separated. For example: email_address, telephone. These attributes will be included in the issued SAML tokens. |
Defining Claims
The standard set of claims of the http://schemas.xmlsoap.org/ws/2005/05/identity
dialect and another set of sample claims are available in this view. Use
the "add new dialect" option and "add new claim" option to add dialects and
claims.
Click the "switch" icon in the claim detail section of each claim to enable/disable
a claim.
Mapping Claims
This view allows mapping a claim to a user attribute in the user store. The
available attribute identifiers will be shown in the claim edit view when the
display name of a claim is selected.
Manage Identity Provider
Manage Users
User management currently allows the administrator to view the
list of users who can use the identity provider.
Trusted Relying Parties
The administrator can specify a list of relying parties trusted globally by the
identity provider. To add a new relying party to this list, click on the
"Add new trusted relying party" link and provide the certificate of the
relying party. This certificate must be in DER format. The "Common Name" (CN)
of this certificate will be used to identify the host name of the trusted
relying party.
Token Verification
The administrator can specify a list of identity providers trusted by the
token verification service. To add a new identity provider to this list click
on "Configure Identity Providers" and click on "Add". Then provide the
certificate of the identity provider in DER format, and click on the "upload"
button. The "Common Name" (CN) of this certificate will be used to identify the
host name of the trusted identity provider.
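A pre-upload check for the two certificate steps above (Trusted Relying Parties and Token Verification), as an added example that is not part of the original guide: it converts a certificate to DER with the OpenSSL command-line tool and prints the CN that will be used as the trusted host name, plus a fingerprint to compare with the certificate owner. The host name rp.example.com, the file names and the helper function names are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the WSO2 guide. rp.example.com and all file names
# are constructed; the throwaway certificate stands in for a real one.

# Create a self-signed sample certificate (PEM) with the given CN in dir $1.
make_sample() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null
}

# Write the certificate in $1 (PEM or DER) to $2 as DER; fail if it is neither.
to_der() {
    openssl x509 -inform PEM -in "$1" -outform DER -out "$2" 2>/dev/null ||
        openssl x509 -inform DER -in "$1" -outform DER -out "$2" 2>/dev/null
}

# Print the subject Common Name of the DER certificate in $1.
cert_cn() {
    openssl x509 -inform DER -in "$1" -noout -subject -nameopt multiline |
        sed -n 's/^ *commonName *= *//p'
}

# Print the SHA-256 fingerprint, for comparison with the value the
# certificate owner supplied out of band.
cert_fp() {
    openssl x509 -inform DER -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# Succeed only if the certificate has exactly the expected CN.
check_cn() {
    [ "$(cert_cn "$1")" = "$2" ]
}

tmp=$(mktemp -d)
make_sample "$tmp" rp.example.com
to_der "$tmp/cert.pem" "$tmp/rp.der"
echo "CN to be trusted: $(cert_cn "$tmp/rp.der")"
echo "SHA-256:          $(cert_fp "$tmp/rp.der")"
check_cn "$tmp/rp.der" rp.example.com && echo "OK to upload $tmp/rp.der"
```

Because the CN alone decides which host is trusted, a certificate whose CN does not match the expected host name should be rejected before it reaches the upload form.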
Issued Cards
The administrator can view issued and revoked information cards using this view.
A card can be revoked using the "Revoke Card" option.
Statistics
This feature is not available in the beta version of WSO2 Identity Solution.