Sample Identity Provider
Set up
IMPORTANT: Set sampleRealm as the default user store
using the "Set as default" option in the "User Stores" configuration.
Because the user store has changed, the enabled claims and claim mappings
have to be set.
Enable the following claims:
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier
claim is enabled by default.
Use the "Claim Mappings" configuration to map claims to user properties as
listed below:
Claim URI | User property |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname | FIRSTNAME |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname | LASTNAME |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress | EMAIL |
WSO2 Identity Solution has a built-in sample Identity Provider (IdP), which has the full functionality
Now, the identity provider is configured to:
- Trust users with the following usernames and passwords
User Name | Password |
alice | alice |
chris | chris |
bob | bob |
john | doe |
- Issue tokens with the following claims
- Given name (first name)
- Last name
- Email address
- Trusted relying party is "Servlet Filter Sample"
- Use the certificate issued with "CN=localhost"
What can you do using Sample IdP?
Sample IdP can demonstrate the full functionality of a real IdP.
Download a Managed Information Card from Sample IdP
When downloading cards from the Sample IdP you must log in using the browser on your local machine, because the certificate of the Sample IdP is issued with "CN=localhost". You can download cards by logging in using a Personal Card or a username and password. Start the Identity Solution application and point your browser to "https://localhost:12433/"
- Downloading cards by logging in using User Name, Password
Log in using any of the username and password pairs listed above - for example alice, alice. Now click the "Download" button to obtain the Managed Information Card. Then save the card into your identity selector by clicking save.
- Downloading cards by logging in using a "Personal Card"
Create a personal card. Log in using any of the username and password pairs listed above.
Register the card by clicking "Register Self Issued Card".
This will register your personal card, and the ppid issued by the card will appear
on the main page. Download your Managed Information Card by clicking "Download Information Card".
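The local-browser requirement above follows from TLS server name checking. The following is an added example, not code from the Sample IdP: it checks a URL's host against the certificate's names, using a constructed certificate record in which only the CN value and the port come from this page; the remote host name is hypothetical.

```python
from urllib.parse import urlsplit

# Constructed sample: the Sample IdP certificate subject in the dict shape that
# ssl.SSLSocket.getpeercert() returns. Only the CN value comes from the page;
# the absence of subjectAltName entries is an assumption.
SAMPLE_IDP_CERT = {"subject": ((("commonName", "localhost"),),)}


def cert_names(cert):
    """Return the DNS names a certificate covers (SAN first, legacy CN fallback)."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans  # when SAN dNSName entries exist, the CN is ignored
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]


def name_matches(pattern, host):
    """Case-insensitive match; '*' is honoured only as the whole left-most label."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*" and len(p_labels) > 2:
        p_labels, h_labels = p_labels[1:], h_labels[1:]
    return p_labels == h_labels


def url_matches_cert(url, cert):
    """True if the host part of `url` is covered by a name in `cert`."""
    host = urlsplit(url).hostname or ""
    return any(name_matches(n, host) for n in cert_names(cert))


if __name__ == "__main__":
    for url in ("https://localhost:12433/",
                "https://idp.example.test:12433/",  # hypothetical remote name
                "https://127.0.0.1:12433/"):        # IP literal, not a DNS name
        verdict = "ok" if url_matches_cert(url, SAMPLE_IDP_CERT) else "name mismatch"
        print(url, "->", verdict)
```

Only the `localhost` URL passes; any other host name or an IP literal for the same server fails the name check, which is why the card download has to be done from a browser on the machine running the Sample IdP.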
Getting Tokens issued by Sample IdP
Sample IdP trusts "Servlet Filter Sample", and "Servlet Filter Sample" accepts tokens issued by Sample IdP. Therefore you can log into the Servlet Filter Sample using the InfoCards issued by the Sample IdP. When you are logging in, the Sample IdP will issue tokens to the
Java Relying Party Sample
Code for this sample is available in the src-distribution under "modules/samples/identity-provider"