wso2 api manager. redirect to localhost - wso2

Please help
I installed WSO2 APIM and am now configuring it. I created a new REST API, and when I open the "View in Dev Portal" URL, I am redirected to localhost.
I changed the hostname in deployment.toml (to the IP address). Why am I being redirected to localhost?

Uncomment and update this configuration.
#[apim.devportal]
#url = "https://localhost:${mgt.transport.https.port}/devportal"

Log in to the Carbon console (/carbon), go to Service Providers, and select Store/Dev Portal as the application. Expand Inbound Authentication Configuration and click Edit. This opens the inbound authentication configuration; edit the callback URL by replacing localhost with your IP/hostname, then update it.
Now, the dev-portal will not be redirected to the localhost.
The same applies for the publisher as well.

Related

WSO2 with OIDC: How to Configure Logout Endpoint

I am running WSO2 Identity Server 5.7.0 and using OpenID Connect. I currently receive an invalid redirect error when I navigate to https://MY_DOMAIN/oidc/logout, when I think I should be redirected to a page under the /authenticationendpoint resource. I noticed in the "Logout Endpoint URL" under Resident Identity Provider > Inbound Authentication Configuration > OAuth2/OpenID Connect Configuration is set to "https://MY_DOMAIN:-1/oidc/logout".
I am assuming the Logout Endpoint URL is configured based on the OIDCLogoutEPUrl config value in identity.xml. In my identity.xml file this value is set to ${carbon.protocol}://${carbon.host}:${carbon.management.port}/oidc/logout.
My first question: Is the Logout Endpoint URL value only copied to the database when WSO2 is first run and the databases are initialized?
Followup question: If the answer to that is no, how can I configure that value without re-seeding the database?
Thanks for your help.
Answering your first question:
The Logout Endpoint URL is not added to the database during the first run. The value is always read from identity.xml -> OAuth -> OIDCLogoutEPUrl during server startup. However, it's important to have the path "oidc/logout" in order to deliver the logout request to "OIDCLogoutServlet" [1].
Once OIDCLogoutServlet receives the logout request, you can customize further redirection by changing OIDCLogoutConsentPage and OIDCLogoutPage.
Reference
[1] https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/master/components/org.wso2.carbon.identity.oidc.session/src/main/java/org/wso2/carbon/identity/oidc/session/internal/OIDCSessionManagementComponent.java#L65

session is not working with https

This is the first time I am doing a deployment myself, and I am new to AWS. I have a project deployed on an Amazon AWS server for testing purposes. I have set the domain name as: https://domain.biz
I have a login page where, once the user logs in successfully, I set the userId in the session and navigate the user to the dashboard.
In the dashboard I have added a function to check whether the session is set with the value of userId. If the session is not set, I navigate the user back to the login page. This is to block unauthorized access to the site.
I am facing a problem here. When I was working with the server before adding SSL, it was working fine. After https://domain.biz, the session is working on one page, and http://domain.biz works fine. When I added the domain to HTTPS, the session stopped working. What is the problem here with AWS? Am I missing anything?
Check this: Session lost when switching from HTTP to HTTPS in PHP
Since CodeIgniter is in PHP, I suppose this thread could solve your issue.

WSO2 Identity Server: SLO redirect not working as expected

My IS is running on EC2 and sending SLO to https://ec2-52-XXXXX.amazonaws.com:9443/samlsso?slo=true. After logout, the page redirects to localhost:9443/authenticationendpoint/samlsso_logout.do. I was expecting it to be https://<IS_Server>:9443/authenticationendpoint/samlsso_logout.do. Any idea what I am missing? How/where do I specify and change the URLs?
You have to specify the host name in carbon.xml. Please see my answer here for details.
You need to configure the SLO URL in the management console. Go to Add Service Provider > Inbound Authentication Configuration > SAML SSO Configuration.
You need to tick Enable Single Logout and paste the SLO URL in the relevant box.
For more details,
IS 5.1.0 here
IS 5.0.0 here

Google Login error with django-social-auth

I created a Django project for signing in with Google using django-social-auth.
I followed the docs, created an app in the Google developer console with "OAuth 2.0", and added these APIs:
Gmail API, Google+ API, Google+ Domains API and Google+ Hangouts API
In Credentials I've set up AUTHORIZED REDIRECT URIS to my production server url "mysite.com".
I'd configured django settings with the "CLIENT ID" and "CLIENT SECRET". This set up works perfectly on my local server, user is created and the email is associated for the user.
But when I moved to the production server, I get the error
"400. That’s an error. OpenID auth request contains an unregistered domain: mysite.com".
Has anyone else faced a similar issue?
I also had a similar issue and I fixed it as follows:
If your google login URL is /login/google/, change it to /login/google-oauth2/
Add the following redirect URIs in your google app settings
http://<your domain>/<social-auth-prefix-if-any>/complete/google-oauth2/
http://<your domain>/<social-auth-prefix-if-any>/associate/complete/google-oauth2/
Hope this helps.

WSO2 Identity Server 4.5 wrongly redirect to localhost when doing sso

I've developed an SSO filter and it worked fine with Identity Server 4.1.
However, when I migrated to 4.5, it keeps redirecting to localhost:9443 instead of the URL I configured. (My Identity Server is on another server.)
So is it a bug, or do I need to do some extra configuration on Identity Server?
Yes, you need to do one more config. Locate the application-authenticators.xml file in the path wso2is-4.5.0/repository/conf/security/application-authenticators.xml. Locate the config below:
loginPage="https://localhost:9443/authenticationendpoint/login.do"
There change the hostname accordingly.
Do you mean that your filter is always redirecting to localhost:9443 (SAML Auth request)? Or that after authenticating (after entering user name and password) with Identity Server, it redirected to localhost:9443?
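
The WSO2 answers above (the commented-out [apim.devportal] url in deployment.toml, the loginPage in application-authenticators.xml, and the ":-1" port seen in the logout endpoint) all involve a URL that still carries a default host or an unresolved port. The following Python check is an added example, not code from any of the posts or from WSO2; it scans configuration text for those cases, and the sample input, the function name scan and the hostname apim.example.test are constructed assumptions.

```python
import re

# scheme://host[:port]...; host and port may be ${...} placeholders.
URL_RE = re.compile(r'https?://([^/:\s"\'<>]+)(?::([^/\s"\'<>]+))?[^\s"\'<>]*')
LOOPBACK = {"localhost", "127.0.0.1"}


def scan(text, expected_host=None):
    """Return (line_number, kind, url) for every suspicious URL in text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        # A '#' line is a commented-out setting: the product default applies.
        commented = line.lstrip().startswith("#")
        for m in URL_RE.finditer(line):
            host, port, url = m.group(1).lower(), m.group(2), m.group(0)
            if host in LOOPBACK:
                kind = "loopback-commented" if commented else "loopback-host"
                findings.append((lineno, kind, url))
            elif (expected_host and not host.startswith("${")
                  and host != expected_host.lower()):
                # Literal host that differs from the one clients will use.
                findings.append((lineno, "unexpected-host", url))
            # A literal port outside 1..65535 (for example -1) is not usable.
            if port and re.fullmatch(r"-?\d+", port) and not 1 <= int(port) <= 65535:
                findings.append((lineno, "invalid-port", url))
    return findings


# Constructed sample: lines 4 and 5 are quoted from the page, the other
# lines and all key names on lines 6 and 7 are made up for illustration.
SAMPLE = '''\
[server]
hostname = "apim.example.test"
#[apim.devportal]
#url = "https://localhost:${mgt.transport.https.port}/devportal"
loginPage="https://localhost:9443/authenticationendpoint/login.do"
sample_logout = "https://apim.example.test:-1/oidc/logout"
sample_portal = "https://10.0.0.5:9443/devportal"
'''

if __name__ == "__main__":
    for lineno, kind, url in scan(SAMPLE, expected_host="apim.example.test"):
        print(f"line {lineno}: {kind}: {url}")
```

The same scan can be run over the callback URL copied from the Service Provider's inbound authentication settings, since that value is stored separately from the configuration files.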