How do I connect the WS-Trust connector of WSO2 Identity Server?

Strictly for IS versions 5.11.0-m25+

Trying to connect the connector?

Why is it provided as a connector?

But why?

WS-Trust functionality has been implemented a long time back in WSO2 Identity Server and it contains outdated dependencies which will not have the latest security security fixes. So because of that we have moved this as a connector to avoid exposure of those to the default product. To fix this WS-Trust functionality should be re implemented using newer OpenSAML version and should be provided with the default product rather than a connector also we should avoid using both wso2-wss4j and wso2-rampart because those do not get updated with the new dependencies.

How do I add it as a connector?

Follow the processes:

• Clone the repository wso2-extensions/identity-inbound-auth-sts using the command:

git clone https://github.com/wso2-extensions/identity-inbound-auth-sts.git

• Open the cloned repository through an IDE and open a terminal.
• Checkout to the relevant tag which relates to your product version using the command:

git checkout v5.6.x

• Build the repository using the command:

mvn clean install

• Navigate to components/org.wso2.carbon.sts.connector/target.
• Copy the zip file named org.wso2.carbon.sts.connector-5.6.x.zip.
• Navigate to PRODUCT_HOME paste the zip file and extract it.

If your using MacOS/Ubuntu:

1. Move into the extracted_folder and execute the commands:chmod u+r+x setup_sts.sh and setup_sts.sh.

Else:

1. Navigate to extracted_folder/dropins copy the jars in the location to PRODUCT_HOME/repository/components/dropins.
2. Navigate to extracted_folder/deployment-client-modules copy the mar file in the location to PRODUCT_HOME/repository/deployment/client/modules.

• After executing the commands or following the processes you have successfully added the connector into the product.

Done and Dusted!

• Go back to the PRODUCT_HOME and delete the extracted_folder.

How can I test if the connector works?

Will this work?

You can follow the brief blog Quick Test WS-Trust with WSO2 Identity Server to tested out whether it works properly. If not please be kind enough to report as issue at GitHub.

Will this be a connector forever?

Storms don’t last forever?

No. This will be re implemented and provided through the default product in the near future. For more updates please refer the GitHub issue.

And finally it’s a goodbye from me. See you guys later!