如何将WSO2 am 1.10.0与PingFederate SAML 2.0集成在一起?有指示吗?
How to integrate WSO2 am 1.10.0 with PingFederate SAML 2.0? Any instructions?
在WSO2网站上,我仅看到有关如何在WSO2产品中设置SSO的文档: docs.wso2/display/AM1100/Configuring+Single+Sign-on+with+SAML2 .但是我没有看到有关如何通过SAML2与外部身份提供程序(例如PingFederate)启用WSO2 AM 1.10.0的文档.
From WSO2 web site, I only saw docs on how to set up SSO among WSO2 products: docs.wso2/display/AM1100/Configuring+Single+Sign-on+with+SAML2 . But I did not see documentation on how to enable WSO2 AM 1.10.0 with external identity providers such as PingFederate via SAML2.
感谢您的帮助.
***更新:
我按照此处的说明 docs .wso2/display/AM1100/Configuring + Single + Sign-on + with + SAML2 -仅假设WSO2 IS为PingIdentity.对于大多数而言,它是有效的,但是在订阅API时我无法生成密钥.即使我已登录应用程序和订阅并可以从/store UI创建应用程序,它也会显示无效的凭据".
I followed the instructions here docs.wso2/display/AM1100/Configuring+Single+Sign-on+with+SAML2 - just assuming WSO2 IS as PingIdentity. For the mojority part it's working, but I cannot generate keys when subscribing to an API. It says "invalid credentials" even if I have logged into applications and subscriptions and can create applications from /store UI.
推荐答案我可以确认无需在图片中添加单独的wso2 IS服务器即可完成此操作.我通过以下方式解决了几个问题(无法生成密钥,无法发布API等):我要解决的问题是:1)在api-manager.xml中的ApiKeyValidaor中添加管理员用户,也可以通过管理控制台添加到管理员用户中user-mgt.xml; 2)在api-manager.xml中:
I can confirm that this can be done without adding a separate wso2 IS server into the picture. I fixed several issues (Cannot generate keys, cannot publish APIs, etc..) by: What I did to fix the issue was to 1) add admin user inside ApiKeyValidaor in api-manager.xml also into admin user via management console and into user-mgt.xml; 2) Inside api-manager.xml:
更改以下内容:
$ {carbon.local.ip}:$ {mgt.transport.https.port} $ {carbon.context}/services/
${carbon.local.ip}:${mgt.transport.https.port}${carbon.context}/services/
至: [FQDN_OF_HOST }:$ {mgt.transport.https.port} $ {carbon.上下文}/services/
to: [FQDN_OF_HOST}:${mgt.transport.https.port}${carbon.context}/services/
原因是我的服务器证书仅记录了域名,而不记录IP地址.
Reason is my server certificate only recorded the domain name, not ip address.
这里也提到了解决方案:
The solution was also mentioned here: wso2 am 1.10.0 API Store: "Error occurred while executing the action generateApplicationKey" with " Invalid credentials provided."
更多推荐
如何将WSO2 API管理器(AM)1.10.0与PingFederate SAML 2.0集成在一起?
发布评论