如何将 WSO2 API Manager (AM) 1.10.0 与 PingFederate SAML 2.0 集成? [英] How to integrate WSO2 API Manager (AM) 1.10.0 with PingFederate SAML 2.0?
问题描述
如何将 WSO2 am 1.10.0 与 PingFederate SAML 2.0 集成?有什么指示吗?
How to integrate WSO2 am 1.10.0 with PingFederate SAML 2.0? Any instructions?
在 WSO2 网站上,我只看到了有关如何在 WSO2 产品中设置 SSO 的文档:https://docs.wso2.com/display/AM1100/Configuring+Single+Sign-on+with+SAML2 .但我没有看到有关如何通过 SAML2 使用 PingFederate 等外部身份提供商启用 WSO2 AM 1.10.0 的文档.
From WSO2 web site, I only saw docs on how to set up SSO among WSO2 products: https://docs.wso2.com/display/AM1100/Configuring+Single+Sign-on+with+SAML2 . But I did not see documentation on how to enable WSO2 AM 1.10.0 with external identity providers such as PingFederate via SAML2.
感谢任何帮助.
***更新:
我按照此处的说明操作 https://docs.wso2.com/display/AM1100/Configuring+Single+Sign-on+with+SAML2 - 只是假设 WSO2 是 PingIdentity.对于大多数人来说,它正在工作,但我在订阅 API 时无法生成密钥.即使我已登录应用程序和订阅并且可以从/store UI 创建应用程序,它也会显示无效凭据".
I followed the instructions here https://docs.wso2.com/display/AM1100/Configuring+Single+Sign-on+with+SAML2 - just assuming WSO2 IS as PingIdentity. For the mojority part it's working, but I cannot generate keys when subscribing to an API. It says "invalid credentials" even if I have logged into applications and subscriptions and can create applications from /store UI.
推荐答案
我可以确认,无需在图片中添加单独的 wso2 IS 服务器即可完成此操作.我通过以下方式修复了几个问题(无法生成密钥,无法发布 API 等):我解决此问题的方法是 1)在 api-manager.xml 中的 ApiKeyValidaor 中添加管理员用户,并通过管理控制台添加到管理员用户中并添加到用户-mgt.xml;2)在api-manager.xml里面:
I can confirm that this can be done without adding a separate wso2 IS server into the picture. I fixed several issues (Cannot generate keys, cannot publish APIs, etc..) by: What I did to fix the issue was to 1) add admin user inside ApiKeyValidaor in api-manager.xml also into admin user via management console and into user-mgt.xml; 2) Inside api-manager.xml:
更改以下内容:
https://${carbon.local.ip}:${mgt.transport.https.port}${carbon.context}/services/
https://${carbon.local.ip}:${mgt.transport.https.port}${carbon.context}/services/
到:https://[FQDN_OF_HOST}:${mgt.transport.https.port}${carbon.上下文}/服务/
to: https://[FQDN_OF_HOST}:${mgt.transport.https.port}${carbon.context}/services/
原因是我的服务器证书只记录了域名,没有记录ip地址.
Reason is my server certificate only recorded the domain name, not ip address.
这里也提到了解决方案:wso2 am 1.10.0 API Store:执行操作 generateApplicationKey 时发生错误"与提供的凭据无效."
The solution was also mentioned here: wso2 am 1.10.0 API Store: "Error occurred while executing the action generateApplicationKey" with " Invalid credentials provided."
这篇关于如何将 WSO2 API Manager (AM) 1.10.0 与 PingFederate SAML 2.0 集成?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
