Wednesday, April 29, 2015

Deploy InfoRecoverySample in WSO2 IS

Steps:
WSO2IS 5.0.0

1. Download the source code from
https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/products/is/5.1.0/modules/samples/InfoRecoverySample/

2. Configure the following in web.xml file
a. Specify the "carbonServerUrl" with the URL of the Identity Server. eg: https://localhost:9443
b. Specify the credentials to access Identity Server, "accessUsername" as admin and "accessPassword" as admin.
c. Specify the trustStore absolute resource path for "trustStorePath", eg: <IS_HOME>
/repository/resources/security/client-truststore.jks

3. Update the following entry in sso.properties file
SAML.ConsumerUrl=https://localhost:9443/InfoRecoverySample/home.jsp

4. Exclude the slf4j-api jar from pom.xml file.

<dependency>
  <groupId>org.wso2.carbon</groupId>
  <artifactId>org.wso2.carbon.identity.sso.agent</artifactId>
  <version>1.2.0</version>
  <exclusions>
  <exclusion>
  <groupId>org.slf4j</groupId>
  <artifactId>slf4j-api</artifactId>
  </exclusion>
  </exclusions>
</dependency>

4. Build the source mvn clean install

5. Copy the InfoRecoverySample.war to the <IS_HOME>/repository/deployment/server/webapps 

6. Configure the email confirmation links.
a. To configure for password reset call back in Identity Server (in <IS_HOME>/repository/conf/email/email-admin-config.xml with email type as type="passwordReset")
according to the sample as follows. This will be the confirmation handler path of the user's confirmation.

Eg:

<configuration type="passwordReset">
<targetEpr>https://localhost:9443/InfoRecoverySample/infoRecover/verify</targetEpr>
<subject>WSO2 Carbon - Password Reset</subject>
<body>
Hi {first-name}
We received a request to change the password on the {user-name} account associated with this e-mail address. If you made this request, please click the link below to securely change your password:

https://localhost:9443/InfoRecoverySample/infoRecover/verify?username={user-name}&amp;confirmation={confirmation-code}

If clicking the link doesn't seem to work, you can copy and paste the link into your browser's address window.
If you did not request to have your {user-name} password reset, simply disregard this email and no changes to your account will be made.
</body>
<footer>
Best Regards,
WSO2 Carbon Team
http://www.wso2.com
</footer>
<redirectPath></redirectPath>
</configuration>

Please refer the Identity Server documentation for sample email template in https://docs.wso2.com/display/IS500/Recover+with+Notification

b. To configure for account confirmation in Self sign up provide the configuration in email-admin-config.xml
with email type as "accountConfirmation". Following is the call back handler for the sample.
<targetEpr>https://localhost:9443/InfoRecoverySample/confirmReg</targetEpr>

7. Configure the identity-mgt.properties file attributes as follows in the Identity Server (in <IS_HOME>/repository/conf/security/identity-mgt.properties)

Identity.Listener.Enable=true
Notification.Sending.Enable=true
Notification.Expire.Time=7200
Notification.Sending.Internally.Managed=true
UserAccount.Recovery.Enable=true
Captcha.Verification.Internally.Managed=true



8. Edit the axis.xml file with the following configuration. This file is found in the <IS_HOME>/repository/conf/axis2/directory. Uncomment the following in the file and provide the necessary email settings.

<transportSender name="mailto"

class="org.apache.axis2.transport.mail.MailTransportSender">
    <parameter name="mail.smtp.from">sampleemail@gmail.com</parameter>
    <parameter name="mail.smtp.user">sampleemail</parameter>
    <parameter name="mail.smtp.password">password</parameter>
    <parameter name="mail.smtp.host">smtp.gmail.com</parameter>
    <parameter name="mail.smtp.port">587</parameter>
    <parameter name="mail.smtp.starttls.enable">true</parameter>
    <parameter name="mail.smtp.auth">true</parameter>
</transportSender>

9. Now restart the server and register new SP as shown in the image below
 
Assertion Consumer URL = https://localhost:9443/InfoRecoverySample/home.jsp
Enable Single Logout = https://localhost:9443/InfoRecoverySample/home.jsp

10: Access the sample with https://localhost:9443/InfoRecoverySample

Refer: 
https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/products/is/5.1.0/modules/samples/InfoRecoverySample/README.txt

No comments: