How to Perform SSO with Claims in WSO2 IS

DZone 's Guide to

How to Perform SSO with Claims in WSO2 IS

· Integration Zone ·
Free Resource

1. Here is a SSO sample[1] that will be deployed in AS 5.2.1 and WSO2 IS will be used as IDP for SSO.

2. Get svn check out[1] and go to \src\main\resources\travelocity.properties

uncomment below line


update number with ConsumerIndex after registry the issuer in IS

3. Avoid exposing slf4j from WSO2 AS using <AS_HOME>/repository/conf/tomcat/webapp-classloading-environments.xml file. There you can modify Carbon related entry as below.


4. Now builder sample 'mvn clean install'

6. Start AS with offset 1
\wso2as-5.2.1\bin>wso2server.bat -DportOffset=1

5. Upload travelocity.com.war file in to WSO2 AS 

6. Now start IS with offset 0 and Register 'New Service Provide' in 'SAML 2.0 based Single Sign-On'


7. With Enable Attribute Profile (Claim) and click 'update'

8. Then you can find Consumer Index if you did not pick 'include Attributes in the Response Always'

9. Now go to http://localhost:8080/travelocity.com/


10. Now you login.



There you can see the user claim that we checked In.


adding below line in ‘<wso2is-home>\repository\conf\log4j.properties’


Will show the request and responds in wso2 IS console. you can try decide those from decoding from here online site[2].

You can change user profile values from ‘Home > Configure > Users and Roles  > Users > Update Profile’

[1]  https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/products/is/4.5.0/modules/samples/sso/SSOAgentSample/src/main/webapp

[2] https://rnd.feide.no/simplesaml/module.php/saml2debug/debug.php


Published at DZone with permission of Madhuka Udantha , DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}