0
votes

I am trying to run the sample travelocity.com on my Tomcat web server and use WSO2 Identity Server as the Identity Provider (IdP). I deployed travelocity.com.war on my local Tomcat and accessed the application at http://localhost:8080/travelocity.com. It got redirected to WSO2 Identity Server at https://localhost:9443/samlsso and gave this error:

  "SAML 2.0 based Single Sign-On
    Error when processing the authentication request!
    Please try login again."

The error in my catalina.log file in local tomcat is

INFO: Deployment of web application directory C:\Users\258155\Desktop\Tomcat\webapps\SAMLTestTool has finished in 359 ms
Jul 27, 2016 3:22:39 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
Jul 27, 2016 3:22:39 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["ajp-bio-8009"]
Jul 27, 2016 3:22:39 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 28075 ms
Jul 27, 2016 3:36:50 PM org.wso2.sample.is.sso.agent.SSOAgentSampleFilter doFilter
INFO: SAML2 HTTP Binding not found in request. Defaulting to HTTP-POST

I have not made any changes to the travelocity.properties file, which was generated with the sample WAR and is the default one:

#  Copyright (c) WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
#
#  WSO2 Inc. licenses this file to you under the Apache License,
#  Version 2.0 (the "License"); you may not use this file except
#  in compliance with the License.
#  You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing,
#  software distributed under the License is distributed on an
#  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
#  KIND, either express or implied.  See the License for the
#  specific language governing permissions and limitations
#  under the License.


EnableSAML2SSOLogin=true
EnableOpenIDLogin=true
EnableOAuth2SAML2Grant=false

#Url to do send SAML2 SSO AuthnRequest
SAML2SSOURL=samlsso

#Url to do initiate OAuth2 SAML2 Grant Request
OAuth2SAML2GrantURL=token

#Url to initiate OpenID Authentication Request
OpenIdURL=openid

#URIs to skip SSOAgentFilter; comma separated values
SkipURIs=/travelocity.com/index.jsp

#A unique identifier for this SAML 2.0 Service Provider application
SAML2.SPEntityId=travelocity.com

#The URL of the SAML 2.0 Assertion Consumer
SAML2.AssertionConsumerURL=http://localhost:8080/travelocity.com/home.jsp

#A unique identifier for this SAML 2.0 Service Provider application
SAML2.IdPEntityId=localhost

#The URL of the SAML 2.0 Identity Provider
SAML2.IdPURL=https://localhost:9443/samlsso

#Identifier given for the Service Provider for SAML 2.0 attributes 
#exchange
#SAML2.AttributeConsumingServiceIndex=1701087467

#Specify if SingleLogout is enabled/disabled
SAML2.EnableSLO=true

#This is the URL that is used for SLO
SAML2.SLOURL=logout

#Specify if SAMLResponse element is signed
SAML2.EnableResponseSigning=true

#Specify if SAMLAssertion element is signed
SAML2.EnableAssertionSigning=true

#Specify if SAMLAssertion element is encrypted
SAML2.EnableAssertionEncryption=false

#Specify if AuthnRequests and LogoutRequests should be signed
SAML2.EnableRequestSigning=true

#Password of the KeyStore for SAML and OpenID
KeyStorePassword=wso2carbon

#Alias of the IdP's public certificate
IdPPublicCertAlias=wso2carbon

#Alias of the SP's private key 
PrivateKeyAlias=wso2carbon

#Private key password to retrieve the private key used to sign 
#AuthnRequest and LogoutRequest messages
PrivateKeyPassword=wso2carbon

#OAuth2 token endpoint URL
OAuth2.TokenURL=https://localhost:9443/oauth2/token

#OAuth2 Client ID
OAuth2.ClientId=Qn5DQHCYfshxeZh6R9SL1HM2lsMa

#OAuth2 Client Secret
OAuth2.ClientSecret=cbkAs1gajdwPAMbrSR54hPAIcz0a

#OpenId Provider Url
OpenId.ProviderURL=https://localhost:9443/openid/

#openid.return_to parameter
OpenId.ReturnToURL=http://localhost:8080/travelocity.com/home.jsp

#Custom SAML post binding request page
#SAML.PostBinding.RequestPage=path/to/the/html

#Additional request parameters
#QueryParams=tenantDomain=-1234

#SAML2.IsForceAuthn=true

#Specify whether the consumer requests user attributes from the provider
OpenId.EnableAttributeExchange=true

#Specify whether the consumer runs in dumb mode
OpenId.EnableDumbMode=false

The Service Provider settings at WSO2 Identity Server are the defaults, as asked in the article

  https://docs.wso2.com/display/IS500/Configuring+Single+Sign-On+with+SAML+2.0

I have two questions:

(1) What is the reason for the error thrown while running and accessing the sample travelocity.com application using SAML SSO?

(2) If I have to implement SAML SSO using WSO2 Identity Server in my already running Java application (without Single Sign-On), what changes have to be made at my application end? Here we can see there is a travelocity.properties file and some coding (around 4 files: ForwardingServlet.java, SampleAttributesRequestor.java, SampleContextEventListener.java, SSOAgentSampleFilter.java) to redirect the first request to the Identity Provider at https://localhost:9443/samlsso. What changes will I have to make at my application end?

3
Hi and welcome to Stack Overflow! Please take a minute and read this tutorial for better questions, especially examples about good and bad titles: stackoverflow.com/help/how-to-ask - everything else looks good! – Jurik
Did you find the catch? I am also getting the same issue. Followed the documentation and the blogs. – Sushil

3 Answers

1
votes

You can follow step by step guide in [1] for setting up travelocity app.

[1] http://tharindue.blogspot.com/2015/04/setup-travelocitycom-sample-web-app.html

0
votes

Please follow the WSO2 documentation to configure the travelocity.com web app. First you need to log in to WSO2 IS 5.1.0 and then create a service provider in SAML 2.0 for the travelocity.com web app. Refer to the linked documentation for more detail.
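
Added example, not part of the answer above and not WSO2 code: a short Python script that reads an SSO agent properties file like the one in the question, prints the issuer and Assertion Consumer URL that the service provider entry created at the IdP has to agree with, and lists settings worth changing before the application leaves a local test setup. It assumes the IdP matches requests on issuer and ACS URL; the function names and the embedded sample are constructed for illustration.

```python
from urllib.parse import urlparse

# Constructed sample: a subset of the keys from the properties file in the question.
SAMPLE = """\
#A unique identifier for this SAML 2.0 Service Provider application
SAML2.SPEntityId=travelocity.com
SAML2.AssertionConsumerURL=http://localhost:8080/travelocity.com/home.jsp
SAML2.IdPURL=https://localhost:9443/samlsso
SAML2.EnableResponseSigning=true
SAML2.EnableAssertionSigning=true
KeyStorePassword=wso2carbon
PrivateKeyPassword=wso2carbon
"""

LOOPBACK = {"localhost", "127.0.0.1", "::1"}

def parse_properties(text):
    """Parse simple key=value lines; lines starting with '#' or '!' are comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def idp_registration(props):
    """Issuer and ACS URL that the IdP-side service provider entry must carry."""
    return {"issuer": props.get("SAML2.SPEntityId"),
            "acs_url": props.get("SAML2.AssertionConsumerURL")}

def review(props):
    """Return a list of findings for settings worth changing before real use."""
    findings = []
    for key in ("SAML2.EnableResponseSigning", "SAML2.EnableAssertionSigning"):
        if props.get(key, "").lower() != "true":
            findings.append(f"{key} is not enabled")
    for key in ("SAML2.AssertionConsumerURL", "SAML2.IdPURL"):
        url = urlparse(props.get(key, ""))
        if url.scheme != "https" and url.hostname not in LOOPBACK:
            findings.append(f"{key} is not HTTPS on a non-loopback host")
    for key in ("KeyStorePassword", "PrivateKeyPassword"):
        if props.get(key) == "wso2carbon":  # value shown in the question's file
            findings.append(f"{key} is still the sample value")
    return findings

if __name__ == "__main__":
    p = parse_properties(SAMPLE)
    print(idp_registration(p))
    print("\n".join(review(p)))
```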

0
votes

Ran into the same error. Turns out that I pulled from a branch which was a different version than my WSO2 version. Once I did a 'git checkout' of the correct branch which was v.5.7.0, everything worked fine.