WSO2 compressing SAML over POST binding - wso2

I am trying to register WSO2 as a identity provider for PingOne. After configuring both PingOne and WSO2 PingOne would complain about not being able to process WSO2's SAML response.
After working with Ping technical support, we discovered that the WSO2 compresses SAML when sending it using the SAML POST binding which is a violation of the SAML specification.
I dug around on the web and it seems that the WSO2 team is already aware of this issue and it is fixed in version 4.1.1. Unfortunately, there does not seem to be a 4.1.1 download on the WSO2 page.
If the WSO2 support team monitoring stack overflow could please recommend how I should proceed to work around this issue I would greatly appreciate it.

There was such issue and it has been fixed in 4.5.0. Actually, there was a plan to release 4.1.1. But due to new features, finally it has been renamed as 4.5.0. Please download 4.5.0 from official website http://wso2.com/products/identity-server and try out it.

Related

Is multitenancy supported in wso2 identity server v5.11 github releases or do I need a subscription for the same?

I am trying to utilise multitenancy feature in WSO2 by using github releases(https://github.com/wso2/product-is/releases/tag/v5.11.0). I just wanted to understand if there are any limitations for the same between enterprise version downloaded from wso2 site and github releases.
Thanks
WSO2 doesn't have an Enterprise Version of the product. Everybody uses the same base release and if you have a subscription you will be receiving product updates for bug fixes, improvements, security issues etc. Other than that there are no hidden features or limitations in the Opensource version.(Rarely some features are introduced as updates, in these cases you may not receive them) The subscription is for getting updates and getting support from WSO2.
You can read more about WSO2 subscription from here.
Adding to #YCR answer, yes, multi tenancy is supported in IS 5.11.0 and IS 6.0.0 and it was supported throughout IS 5.x series. Please see Tenant Management on WSO2 documentation.

WSO2 API Manager 2.0.0: Enabling XACML mediator

I am trying to follow the documentation Enabling Role-Based Access Control Using XACML for WSO2 API Manager 2.0.0.
But adding the features described failed,
complaining: the XACML feature 5.0.7 cannot be installed since 5.2.0 is already installed (although not visible under "installed features"). Adding XACML Mediation fails due to missing dependencies.
Anyone got this working and can share some insight?
Looks like the features in the new p2 repository has conflicts with existing ones. Basically, it's a bug. I reported this here in WSO2 APIM JIRA.
As a workaround, if you only need role based authorization, you can use oAuth2 scope based authorization.

How to install federated authenticators in wso2 API manager 2.0?

I am trying to install following feature in wso2 API manager 2.0.
http://xacmlinfo.org/2015/05/13/federated-authenticators-in-wso2-api-manager-wso2apim/
but I am getting error in API manager's console while installations.
It seems the above package is not compatible for 2.0 version.
Please suggest me the exact version of 'Application Authenticator' feature which is compatible with wso2 AM version 2.0.
Thanks in advance
It seems the p2 repos are still not updated with the latest Authenticator versions based on Identity Application Management Server Feature 5.2.0 or above. This will be updated soon with the next release.
However you can use WSO2 IS for this use case. You can configure SSO for APIM with IS using this link . Then you can federate IS for OpenAM with this link . With that you can connect APIM with openAM.
Hope this helps.

WSO2 Identity Server 5.0.0 clustering with Oracle Coherence

Halo everybody (maybe Asela? :),
Can anyone guide me how can I implement Oracle Coherence as a Cache provider with WSO2 Identity Server 5.0.0 clustered using with WSO2 ELB?
I found some very useful links on that topic, from which I consider this one as a good start: Clustering Identity Server
But I cannot find a way how to find solution for changing Hazelcast cache provider for any other provider.
I also realized, WSO2 is not using javax.caching implementation from JDK (since it was introduced in 1.7 and later), it is using its own based on JSR-107 (from which JSR I suppose Java JDK JCache is originated.
This article shows, that there is a way, how to somehow implement user JSR 107 JCache, but I don't see it configured for whole Identity Server:
WSO2 Multi-tenant Cache: JSR-107 (JCache)
I'm expecting answer which will guide me, what to change or add (for instance to carbon core) and where to setup / configure those changes, to make them global used within WSO2 Identity Server 5.0.0.
I hope it is relevant question and since this Carbon based platform is very rich and configurable, I hope this will be possible with some time invested.
Thank you in advance,
Josef
Coherence supports the real JCache APIs, so if WSO2 uses JCache, it should be easy to integrate Coherence!

WSO2 Cloud adapters

I went thorough the features of WSO2 ESB. I noticed WSO2 Coud Connectors like Twitter, LinkedIn ..
I would like to know about any documents, wiki which supports this. I have the Auth Keys from Twitter. I want to do a simple twitter integration using WSO2 ESB.
Please share your thoughts.
Regards,
Guru
#gnanagurus
This is a new feature that will be released with WSO2 ESB 4.5.0. You can do 3rd party API integration very easily with this new feature. For example once the Twitter Connector Library is deployed in the ESB , you can feed the relevant OAuth keys directly and connect to Twitter Cloud seamlessly. Currently there are no publicly available docs. But please await we will be releasing this documentation soon with upcoming releases.
You can find the documentation on connectors from here. Twitter specific documentation can be found here.