SAML and OpenID SSO with WSO2 Identity server

0
votes

I'm trying to achieve SSO among different application. The applications are:

  1. API Manager 1.7.0 Store
  2. API Manager 1.7.0 Publisher
  3. Liferay 6.2

I managed to configure Liferay to login through Identity Server Openid and to configure API Manager to login through Identity Server generated SAML Token as detailed in API Manager documentation.
The SSO is working well between api store and api publisher.

The problem is that I can't achieve SSO between Liferay and API Manager. If I login to liferay with openID and I open the store or publisher URL the user is asked for username and password again.

How can I configure the IS to implement the desired scenario?

Thanks, Paolo

1
wso2single-sign-onopenidsamlwso2is

1 Answers

1
votes

Are you using IS 5.0.0 version? Normally it would create a same session for all the login in IS 5.0.0 version. it means, if you login with OpenID, SAML2 or OAuth2, it does not matter, IS creates a common session for given user. Normally it should not ask the password again. If it is asked, it can be a bug. Can you just check whether there is a cookie called commonauthid in the browser? If you are using some older version of IS, you can enable the this property <AcceptOpenIDLogin>false</AcceptOpenIDLogin> in identity.xml file