Over a million developers have joined DZone.

How to Perform SSO with Claims in WSO2 IS

· Integration Zone

Learn how API management supports better integration in Achieving Enterprise Agility with Microservices and API Management, brought to you in partnership with 3scale

1. Here is a SSO sample[1] that will be deployed in AS 5.2.1 and WSO2 IS will be used as IDP for SSO.

2. Get svn check out[1] and go to \src\main\resources\travelocity.properties

uncomment below line


update number with ConsumerIndex after registry the issuer in IS

3. Avoid exposing slf4j from WSO2 AS using <AS_HOME>/repository/conf/tomcat/webapp-classloading-environments.xml file. There you can modify Carbon related entry as below.


4. Now builder sample 'mvn clean install'

6. Start AS with offset 1
\wso2as-5.2.1\bin>wso2server.bat -DportOffset=1

5. Upload travelocity.com.war file in to WSO2 AS 

6. Now start IS with offset 0 and Register 'New Service Provide' in 'SAML 2.0 based Single Sign-On'


7. With Enable Attribute Profile (Claim) and click 'update'

8. Then you can find Consumer Index if you did not pick 'include Attributes in the Response Always'

9. Now go to http://localhost:8080/travelocity.com/


10. Now you login.



There you can see the user claim that we checked In.


adding below line in ‘<wso2is-home>\repository\conf\log4j.properties’


Will show the request and responds in wso2 IS console. you can try decide those from decoding from here online site[2].

You can change user profile values from ‘Home > Configure > Users and Roles  > Users > Update Profile’

[1]  https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/products/is/4.5.0/modules/samples/sso/SSOAgentSample/src/main/webapp

[2] https://rnd.feide.no/simplesaml/module.php/saml2debug/debug.php

Unleash the power of your APIs with future-proof API management - Create your account and start your free trial today, brought to you in partnership with 3scale.


Published at DZone with permission of Madhuka Udantha, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}