Commit
Merge pull request wso2#1 from wso2/testhackathon
Testhackathon
sherene authored Sep 17, 2019
2 parents 4e2de2d + f60e267 commit 70ff38a
Showing 68 changed files with 9,886 additions and 9,064 deletions.
144 changes: 138 additions & 6 deletions en/docs/develop/amazon-authenticator.md
Expand Up @@ -34,7 +34,7 @@ following sections.
!!! note
If you want to upgrade the Amazon Authenticator (.jar) in your
existing IS pack, please refer [upgrade
instructions.](https://docs.wso2.com/display/ISCONNECTORS/Authenticator+Upgrade+Instructions)
instructions.](../../develop/upgrading-an-authenticator)


2. Navigate to <http://login.amazon.com/>, click **App Console.**
Expand Down Expand Up @@ -74,8 +74,7 @@ app](../../connectors/deploying-the-sample-app).

Now you must configure the WSO2 Identity Server by [adding a new
identity
provider](../../learn/configuring-an-identity-provider)
.
provider](../../learn/adding-and-configuring-an-identity-provider).

1. Download the WSO2 Identity Server from
[here](http://wso2.com/products/identity-server/) and [run
Expand All @@ -88,8 +87,7 @@ provider](../../learn/configuring-an-identity-provider)
4. Give a suitable name for **Identity Provider Name** (e.g., Amazon)
and click **Register**.

5. Navigate to the **Amazon Configurations** under ****Federated
Authenticators****
5. Navigate to the **Amazon Configurations** under **Federated Authenticators**
- In IS 5.1.0 or 5.2.0, go to **AmazonAuthenticator
Configuration** under **Federated Authenticators**.
- In IS 5.3.0, go to **Amazon Configuration** under **Federated
Expand All @@ -108,7 +106,11 @@ provider](../../learn/configuring-an-identity-provider)
- Select both checkboxes **Enable** and **Default** to enable the
Amazon Authenticator and to make it the default authenticator.

![Add New Identity Provider screen](../../assets/img/connectors/add-new-identity-provider-as-amazon.png)
IS 5.3.0:
![Add New Identity Provider screen](../../assets/img/connectors/add-new-identity-provider-as-amazon.png)

IS 5.1.0/IS 5.2.0:
! [Add New IDP for older versions](../../assets/img/connectors/amazon-idp-older-version.png)

7. Click **Update**.
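
Review bot: The image added for IS 5.1.0/IS 5.2.0 is written as `! [Add New IDP for older versions](...)` with a space between `!` and `[`, so Markdown will render an exclamation mark followed by a link instead of embedding the screenshot. Drop the space so the line matches the IS 5.3.0 image directly above it.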

Expand All @@ -117,6 +119,9 @@ You have now added the identity provider.
### Step 4 - Configure the service provider

The next step is to configure the service provider.

#### Configuring a service provider with IS 5.3.0 upwards

1. Return to the management console.

2. In the **Service Providers** section under the **Main** tab, click
Expand Down Expand Up @@ -173,9 +178,44 @@ The next step is to configure the service provider.

You have now added and configured the service provider.

#### Configuring a service provider with IS 5.1.0 or IS 5.2.0

1. Return to the management console.

2. In the **Service Providers** section under the **Main** tab, click **Add**.

3. Since you are using travelocity as the sample, enter travelocity.com in the **Service Provider Name** text box and click **Register**.

4. In the **Inbound Authentication Configuration** section, click **Configure** under the **SAML2 Web SSO Configuration** section.

5. Now set the configuration as follows:
1. **Issuer**: travelocity.com
2. **Assertion Consumer URL**: http://localhost:8080/travelocity.com/home.jsp

6. Select the following check-boxes:
1. Enable Response Signing.
2. Enable Single Logout.
3. Enable Attribute Profile.
4. Include Attributes in the Response Always.

7. Click **Update** to save the changes. Now you will be sent back to the **Service Providers** page.

8. Go to the **Local and Outbound Authentication Configuration** section.

9. Select the identity provider you created from the drop-down list under **Federated Authentication**.

![amazon-federated-auth](../../assets/img/connectors/amazon-federated-auth.png)

10. Ensure that the **Federated Authentication** radio button is selected and click **Update** to save the changes.

You have now added and configured the service provider.

### Step 5 - Configure claims

Add a new claim mapping for various user attributes related to Amazon.

#### Configuring claims with IS 5.3.0 upwards

!!! info
For more information, see [Adding Claim
Mapping](../../learn/adding-claim-mapping).
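
Review bot: Step 5 of the new IS 5.1.0 or IS 5.2.0 service provider steps gives the **Assertion Consumer URL** as http://localhost:8080/travelocity.com/home.jsp without saying that this value belongs to the locally deployed sample, so a reader adapting the steps to a real service provider could register a plain HTTP endpoint for SAML responses. Suggest adding a short remark that the issuer and URL are the travelocity sample values, and wrapping both in backticks so they are not auto-linked. The four checkbox labels in step 6 could also be bold to match the other UI labels in this section.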
Expand Down Expand Up @@ -256,6 +296,98 @@ Add a new claim mapping for various user attributes related to Amazon.

7. Click **Update**.

#### Configuring claims with IS 5.1.0 or IS 5.2.0

1. Sign in to the [Management
Console](../../setup/getting-started-with-the-management-console)
by entering your username and password.

2. In the **Main** menu, click **Add** under **Claims**.

3. Click **Add Claim Dialect** to create the Amazon authenticator
specific claim dialect.
![dialect-details-old-version](../../assets/img/connectors/dialect-details-old-version.png)

- Use the Dialect Uri as - http://wso2.org/amazon/claims
- Enter the values for mandatory fields. It will create the claim for the given user field under the Amazon claim dialect.

<table>
<tr>
<th>Display Name</th>
<td>User ID</td>
</tr>
<tr>
<th>Description</th>
<td>Claim to user ID</td>
</tr>
<tr>
<th>Mapped Attribute</th>
<td>uid</td>
</tr>
<tr>
<th>Claim URL</th>
<td>http://wso2.org/amazon/claims/user_id</td>
</tr>
<tr>
<th>Supported by Default</th>
<td>selected</td>
</tr>
</table>

4. Click Add New Claim.

5. Select the Dialect from the dropdown provided and enter the required information.

6. Add the following claims under the dialect http://wso2.org/amazon/claims.
<table>
<tr>
<th>Display Name</th>
<td>Email Address</td>
</tr>
<tr>
<th>Description</th>
<td>Claim to Email Address</td>
</tr>
<tr>
<th>Mapped Attribute</th>
<td>mail</td>
</tr>
<tr>
<th>Claim URL</th>
<td>http://wso2.org/amazon/claims/email</td>
</tr>
<tr>
<th>Supported by DefaultL</th>
<td>selected</td>
</tr>
</table>

<table>
<tr>
<th>Display Name</th>
<td>Name</td>
</tr>
<tr>
<th>Description</th>
<td>Claim to Name</td>
</tr>
<tr>
<th>Mapped Attribute</th>
<td>givenName</td>
</tr>
<tr>
<th>Claim URL</th>
<td>http://wso2.org/amazon/claims/name</td>
</tr>
<tr>
<th>Supported by DefaultL</th>
<td>selected</td>
</tr>
</table>

6. Similarly, you can create the claims for all the public information of the Amazon user.
![claims-for-amazon-info](../../assets/img/connectors/claims-for-amazon-info.png)

### Step 6 - Configure requested claims for travelocity.com

1. In the **Identity** section under the **Main** tab, click **List**
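
Review bot: The second and third claim tables in the added IS 5.1.0 or IS 5.2.0 section use the header `Supported by DefaultL`, a typo for `Supported by Default` as written in the first table. The list also has two steps numbered 6 ("Add the following claims under the dialect ..." and "Similarly, you can create the claims ..."), so the last one should be 7. In step 4, "Click Add New Claim" should bold the button name the way the earlier steps do.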
3 changes: 1 addition & 2 deletions en/docs/develop/authenticators-and-connectors.md
Expand Up @@ -2,8 +2,7 @@

!!! tip "Before you begin"

Download [WSO2 Identity
Server](https://wso2.com/identity-and-access-management).
Download [WSO2 Identity Server](https://wso2.com/identity-and-access-management).


Each authenticator provides you a way to authenticate the user using
34 changes: 4 additions & 30 deletions en/docs/develop/aws-cloud-directory-user-store.md
Expand Up @@ -16,7 +16,6 @@ the
class to configure AWS user store manager.

!!! tip

The AWS user store extension is compatible with WSO2 Identity Server
5.5.0, 5.6.0 as well as 5.7.0.

Expand All @@ -25,18 +24,6 @@ The following topics provide information on how you can configure the
AWS user store extension with WSO2 Identity Server and then use AWS
as the primary or secondary user store in WSO2 Identity Server:

- [Prerequisites](#AWSCloudDirectoryUserStore-Prerequisites)
- [Adding AWS user store extension to WSO2 Identity
Server](#AWSCloudDirectoryUserStore-addAddingAWSuserstoreextensiontoWSO2IdentityServer)
- [Configuring AWS as the secondary user
store](#AWSCloudDirectoryUserStore-ConfiguringAWSasthesecondaryuserstore)
- [Configuring AWS as the primary user
store](#AWSCloudDirectoryUserStore-ConfiguringAWSastheprimaryuserstore)
- [AWS user store manager
properties](#AWSCloudDirectoryUserStore-propertiesAWSuserstoremanagerproperties)



### Prerequisites

1. Create a cloud directory by uploading the schema for the objects via
Expand Down Expand Up @@ -99,9 +86,6 @@ as the primary or secondary user store in WSO2 Identity Server:
```

!!! note

Note

If you are going to maintain a set of claims such as
` givenName `, ` mail `,
` sn `, and
Expand Down Expand Up @@ -251,12 +235,11 @@ Follow the steps below to configure AWS as the secondary user store.
fields.
3. Enter appropriate values for all the mandatory properties. For
information on each property, see [AWS user store manager
properties](#AWSCloudDirectoryUserStore-properties).
properties](#aws-user-store-manager-properties).

### Configuring AWS as the primary user store

!!! tip

Configuring AWS as the secondary user store is straightforward once you
add the AWS user store extension to WSO2 Identity Server,. However, if
you want to use AWS as the primary user store in WSO2 Identity Server,
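
Review bot: The tip under "Configuring AWS as the primary user store" still reads "WSO2 Identity Server,. However" with a stray comma before the period. Since this hunk already edits the tip, fix the punctuation in the same change.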
Expand All @@ -267,16 +250,13 @@ Follow the steps below to configure AWS as the primary user store in
WSO2 Identity Server:

1. Follow steps 1 and 2 under [Adding AWS user store extension to WSO2
Identity Server](#AWSCloudDirectoryUserStore-add).
Identity Server](#adding-aws-user-store-extension-to-wso2-identity-server).

2. Edit the
` <IS_HOME>/repository/conf/user-mgt.xml ` file
and add the following configuration:

!!! note

Note

When you add the following configuration, be sure to specify
applicable values for the following properties:

Expand All @@ -285,7 +265,6 @@ WSO2 Identity Server:
<Property name="SecretAccessKey">xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</Property>
```


**user-mgt.xml**

``` java
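
Review bot: The `SecretAccessKey` property at the top of this hunk is shown as a literal value to be placed in user-mgt.xml, and nothing in the surrounding note says how to protect the file or the key. Suggest adding a sentence on restricting access to the file and keeping real keys out of version control, or a link to the product's guidance on encrypting configuration secrets if such a page exists. Separately, the **user-mgt.xml** block opens with a `java` fence although it shows an XML file; tag it `xml`.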
Expand Down Expand Up @@ -374,7 +353,7 @@ between the ` Users ` object and ` Roles `
object. Therefore, the directory structure should be similar to what is
depicted in the following diagram:
![](attachments/97561749/103326406.png)
![](../../assets/img/97561749/103326406.png)
For example, if you assign multiple roles such as Role1 and Role2 to
User1, and you want to establish a relationship between the objects, you
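
Review bot: The updated diagram reference `![](../../assets/img/97561749/103326406.png)` keeps an empty alt text, and the same is true of the 103326407.png image changed further down in this file. Since both lines are being edited anyway, add a short description of the directory structure each diagram shows, as the images in amazon-authenticator.md do.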
Expand All @@ -383,8 +362,6 @@ have to create the following typed links:
- User1 → Role1
- User1 → Role2
**Scenario 2 :** Let's take a look at how you can maintain different
object relationship details (i.e., ` Users `,
` Roles ` ) as an attribute inside the
Expand Down Expand Up @@ -433,7 +410,7 @@ ownership relationship between the ` Users ` object and
` Roles ` object. Therefore, the directory structure
should be similar to what is depicted in the following diagram:

![](attachments/97561749/103326407.png)
![](../../assets/img/97561749/103326407.png)

For example, if you assign multiple roles such as Role1 and Role2 to
User1, then the relationship between the objects should be kept as an
Expand Down Expand Up @@ -623,10 +600,7 @@ Default value is <code> ^[\S]{5,30}$ </code></p></td>
</tbody>
</table>



!!! note

The ` listObjectChildren ` REST API operation is used to
get the list of users/roles. This operation does not guarantee that all
object children of ` PathToUsers ` or