As you all know that WSO2 Identity Server uses the STS(Security Toke Service) as an implementation for WS-Trust which is capable of issuing SAML1.1 and 2.0 tokens. This API can be secured with any WS-Security mechanism. So, if you want to test out the
UserNameTokenscenario you can use the following client instead of the one located at Identity Server Distribution.
- If you are using IS versions 5.11.0-m25+ you might want to add the connector.
- Download the Identity Server Distribution through WSO2 Official Site.
- Run the server by executing the command
- Access it through https://localhost:9443/carbon/ and login with admin as the username and password.
- On the Main tab, click Identity > Identity Providers > Resident.
You’ll be redirected to the following page:
- Insert the values localhost, 15 and 2 to the fields Home Realm Identifier, Idle Session Time Out and Remember Me Period.
- Click on Update.
- Expand the Inbound Authentication Configuration section, click Security Token Service Configuration > Apply Security Policy.
- Select Yes in the Enable Security? dropdown and select a pre-configured security scenario according to your requirements. For this client, use UsernameToken under the Basic Scenarios section.
- Click Next. The user domain and user group selection appear as follow.
- Select ALL-USER-STORE-DOMAINS for Select Domain and admin for User Groups.
- Click Finish. Click Ok on the confirmation dialog window that appears. Click Update to complete the process.
- On the Main menu, click Identity > Service Providers > Add.
- Fill in the Service Provider Name and provide a brief Description of the service provider. Only the Service Provider Name is a required field. And click on Register.
- Under the Inbound Authentication Configuration section, click WS-Trust Security Token Service Configuration > Configure. The STS Configuration page appears.
- Enter values https://localhost:9444/services/echo for the Endpoint Address and wso2carbon for the Certificate Alias. And click on Apply then, click on Update.
Testing Out Scenario
- Visit the GitHub repository sample-sts-client.
- Clone the repository with the command
- Run the command
mvn clean installon the root directory.
- After that run the client using the command
java -cp ws-trust-client/target/ws-trust-client-1.0-SNAPSHOT.jar org.wso2.samples.is.sts.wstrust.client.Client.
- You will be able to see both the requests and responses sent clearly.