I have connected Liferay 6.2 and WSO2 Identity Server 5.0.0 with OpenId.
I have 2 iframe portlets in Liferay for Wso2 publisher and store and I use SAML for SSO.
I have set an infinite session timeout in Liferay.
How I can do the same thing in WSO2 Publisher and Store?
I have tried to set SSOService/SessionTimeout tag to 0 and -1 in WSO2-IS/repository/conf/identity.xml but not working.
<SSOService>...<SessionTimeout>0</SessionTimeout>...</SSOService>
Can you help me?
Thanks a lot.
As you are using WSO2IS 5.0.0,you can configure it by editing the value of the following property in /repository/conf/tomcat/carbon/WEB-INF/web.xml file.
<session-config>
<session-timeout>15</session-timeout>
</session-config>
Thanks.
Related
I'm using WSO2 API MANAGER VERSION 1.10.0
Sample API published with script description in publisher portal
and i open the api detail in store portal
setting carbon.xml is below
<XSSPreventionConfig>
<Enabled>true</Enabled>
<Rule>allow</Rule>
<!--Patterns>
<Pattern></Pattern>
</Patterns-->
</XSSPreventionConfig>
How can I solve it with setting?
You can download security patches for APIM 1.10.0 from here. This is already fixed in them.
We are using WSO2 Is 5.0 SP1. We want to send passive calls to WSO2 Is from the SP so as to keep the IDP session alive.
I came across this link
Rule 3 says that we can use SAML2 SSO Passive requests for achieving this but its a browser redirect. Is there any webservice API exposed by WSO2 IS for achieving the same without browser redirects.
Thanks in advance,
Cijoy
Passive SAML2 Auth request, is same as the normal SAML2 Auth request except on different. Passive request contains an attribute in the AuthRequest called IsPassive which must be set to true.
Please check the SAML2 spec line 2047
I am trying to use wso2 ESB server as a PEP, I already have wso2 identity server acting as the PDP and an application hosted on wso2 Application server. I have uploaded policies into identity server and I was wondering if there any tutorials out there that both show and explain how to make this happen. I have tried the blog http://wso2.org/library/articles/2011/08/finegrained-authorization-restful-services-xacml but it has not worked. any direction on how to turn esb into a pep would be appreciated
You can use wso2 esb Entitlement mediator. Have a look at following guide which explains how we can add fine grained authorization to proxy services.
http://docs.wso2.org/wiki/display/IS400/Adding+Fine-grained+Authorization+for+Proxy+Services+in+ESB
I am trying to evaluate WSO2 identity server. One of the key featues I need to evaluate is the multi tenant support. How can I configure WSO2 identity server to support multi tenant mode?
Itay
Please checkout Identity Server 4.0.0 Milestone 2 from here. Multitenancy feature is available by default. Goto Configure-->Multitenancy
Hope this helps.
Thanks
Thilini
Unable to get OpenID based SSO using WSO2 identity server. I have followed a Blog post given by the Suresh Aththanayaka, but after entering https://localhost:9443/openid/admin as your OpenID identifier. It will not redirecting to the Identity Server page. It shows a blank page.
Please help me.
I think issue in your client application.
I tried it in WSO2 Identity server 4.6.0 [1] it works fine for me.
Please find the latest sample here[2]
[1] http://wso2.com/products/identity-server/
[2] https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/products/is/4.6.0/modules/samples/openid/