wso2am 2.6.0 file-based SAML IdP configuration
We have a file-based SAML IdP configuration for WSO2AM-2.1.0 (similar to this one) and we'd like to migrate to wso2am-2.6.0.
Using the same IdP configuration file, the IdP is not configured, and in the logs we see:
ERROR - IdentityProvider Error while building default provisioning connector config for IDP oamidp.
Cause : No configured name found for ProvisioningConnectorConfig Building rest of the IDP configs
It's the XML file configuration in repository/conf/identity/identity-providers/
I found an example configuration documented here: https://docs.wso2.com/display/IS570/Configuring+a+SP+and+IdP+Using+Configuration+Files
I believe our configuration is compliant with the example (which does not mention any ProvisioningConnectorConfig tag).
wso2 wso2is wso2-am
asked Nov 26 '18 at 14:32
gusto2
1 Answer
The DefaultProvisioningConnectorConfig needs to be commented out when empty:
<IdentityProvider>
  <IdentityProviderName>oamidp</IdentityProviderName>
  <DisplayName>oamidp</DisplayName>
  <IdentityProviderDescription>Access Manager DEV</IdentityProviderDescription>
  <Alias>oamidp</Alias>
  <IsPrimary/>
  <IsEnabled>true</IsEnabled>
  <IsFederationHub/>
  <HomeRealmId/>
  <ProvisioningRole/>
  <FederatedAuthenticatorConfigs>
    <saml2>
      <Name>SAMLSSOAuthenticator</Name>
      <DisplayName>samlsso</DisplayName>
      <IsEnabled>true</IsEnabled>
      <Properties>
        <property>
          <Name>IdpEntityId</Name>
          <Value>http://localhost/simplesaml/saml2/idp/metadata.php</Value>
        </property>
        <property>
          <Name>IsLogoutEnabled</Name>
          <Value>true</Value>
        </property>
        <property>
          <Name>SPEntityId</Name>
          <Value>https://wso2am-test/sp</Value>
        </property>
        <property>
          <Name>SSOUrl</Name>
          <Value>http://localhost/simplesaml/saml2/idp/SSOService.php</Value>
        </property>
        <property>
          <Name>isAssertionSigned</Name>
          <Value>false</Value>
        </property>
        <property>
          <Name>commonAuthQueryParams</Name>
          <Value/>
        </property>
        <property>
          <Name>IsUserIdInClaims</Name>
          <Value>false</Value>
        </property>
        <property>
          <Name>IsLogoutReqSigned</Name>
          <Value>false</Value>
        </property>
        <property>
          <Name>IsAssertionEncrypted</Name>
          <Value>false</Value>
        </property>
        <property>
          <Name>IsAuthReqSigned</Name>
          <Value>true</Value>
        </property>
        <!-- there was a typo in the code, we have both values to be sure -->
        <property>
          <Name>ISAuthnReqSigned</Name>
          <Value>true</Value>
        </property>
        <property>
          <Name>IsAuthnRespSigned</Name>
          <Value>true</Value>
        </property>
        <property>
          <Name>LogoutReqUrl</Name>
          <Value>https://logon-test.mycomp.com/oamfed/idp/samlv20</Value>
          <!-- Value>false</Value -->
        </property>
      </Properties>
    </saml2>
  </FederatedAuthenticatorConfigs>
  <DefaultAuthenticatorConfig>SAMLSSOAuthenticator</DefaultAuthenticatorConfig>
  <ProvisioningConnectorConfigs/>
  <!-- DefaultProvisioningConnectorConfig/ -->
  <ClaimConfig>
    <LocalClaimDialect>true</LocalClaimDialect>
    <ClaimMappings>
    </ClaimMappings>
  </ClaimConfig>
  <Certificate>MII....ZNYg=</Certificate>
  <PermissionAndRoleConfig/>
  <JustInTimeProvisioningConfig>
    <UserStoreClaimUri/>
    <ProvisioningUserStore/>
    <IsProvisioningEnabled>false</IsProvisioningEnabled>
  </JustInTimeProvisioningConfig>
</IdentityProvider>
answered Nov 26 '18 at 15:36
gusto2
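
A pre-migration check for the fix described in the answer above, as an added example that is not part of the original post or of WSO2's code: it parses an IdP configuration document and flags a DefaultProvisioningConnectorConfig element that is present but empty. The function name `lint_idp_config`, the trimmed sample documents and the extra listing of signing/encryption properties set to false are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample, trimmed from the configuration shape shown above.
# It still carries the empty element that the answer says to comment out.
SAMPLE_BROKEN = """<IdentityProvider>
  <IdentityProviderName>oamidp</IdentityProviderName>
  <FederatedAuthenticatorConfigs>
    <saml2>
      <Name>SAMLSSOAuthenticator</Name>
      <Properties>
        <property><Name>isAssertionSigned</Name><Value>false</Value></property>
        <property><Name>IsAuthnRespSigned</Name><Value>true</Value></property>
      </Properties>
    </saml2>
  </FederatedAuthenticatorConfigs>
  <ProvisioningConnectorConfigs/>
  <DefaultProvisioningConnectorConfig/>
</IdentityProvider>"""

# Same document with the fix applied. ElementTree's default parser skips XML
# comments, so the commented-out element is invisible to the check.
SAMPLE_FIXED = SAMPLE_BROKEN.replace(
    "<DefaultProvisioningConnectorConfig/>",
    "<!-- DefaultProvisioningConnectorConfig/ -->")


def lint_idp_config(xml_text):
    """Return (findings, review_notes) for one IdP configuration document."""
    root = ET.fromstring(xml_text)
    idp = root.findtext("IdentityProviderName", default="<unnamed>")
    findings, notes = [], []
    # An element that is present but has no <Name> text corresponds to the
    # logged cause "No configured name found for ProvisioningConnectorConfig".
    for el in root.iter("DefaultProvisioningConnectorConfig"):
        if not (el.findtext("Name") or "").strip():
            findings.append(f"{idp}: empty DefaultProvisioningConnectorConfig, "
                            "comment it out")
    # Review aid (an addition, not part of the answer): list signing and
    # encryption switches that are set to false so a reviewer sees them.
    for prop in root.iter("property"):
        name = (prop.findtext("Name") or "").strip()
        value = (prop.findtext("Value") or "").strip().lower()
        lowered = name.lower()
        if value == "false" and ("signed" in lowered or "encrypted" in lowered):
            notes.append(f"{idp}: {name} is false")
    return findings, notes


if __name__ == "__main__":
    for label, text in (("before", SAMPLE_BROKEN), ("after", SAMPLE_FIXED)):
        print(label, *lint_idp_config(text))
```

To use it on a real deployment, read each XML file under repository/conf/identity/identity-providers/ and pass its text to the function before starting the upgraded server.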