everything I know

From the top of my mind…



Session Based Custom Authenticator with WSO2 IS – Part 3

Hello friends!

This is part 3 of implementing our own customized authentication flow based on session data with WSO2 Identity Server 5.3.0. If you haven’t seen the first and second parts of the project, please read them before continuing. In the first post, we wrote a custom data publisher and invoked that class in the authentication flow. At first, it only logged session information each time a session-related operation happened. In the second phase, we enhanced this data publisher to actually push session data to a database table. Today we’re going to use that data to limit users from having more than one session.


Session Based Custom Authenticator with WSO2 IS – Part 2

What’s up, folks? 😀

This is part 2 of implementing our own customized authentication flow with WSO2 Identity Server 5.3.0. If you haven’t seen the first part of the post, please see it here. In that post, we wrote a custom data publisher and invoked that class in the authentication flow. At the moment it only logs session information each time a session-related operation happens. Today we’ll try to save this information in a database so that we can use it for our custom authentication validator.


Session Based Custom Authenticator with WSO2 IS – Part 1

When a user authenticates with the WSO2 Identity Server, a session is created. In the WSO2 implementation, these sessions are stored as session context objects against the commonAuthId cookie. Information about the logged-in user is inside these session objects. But there are times when we want to query these sessions by user. A practical example is where we want to allow only one session for each user, i.e. a user in the system can be logged in from only one device or browser. We have to query all active sessions for a user and validate them when the user is trying to log into the system.


Connecting Microsoft Azure Active Directory to WSO2 Identity Server

Hi all,

Today I’m going to walk through how we can connect Microsoft Azure Active Directory with WSO2 Identity Server as a federated identity provider. First of all, if you’re not familiar with Azure AD, you can read about it here.

“Azure Active Directory (Azure AD) is Microsoft’s multi-tenant, cloud-based directory, and identity management service that combines core directory services, application access management, and identity protection into a single solution.”

To follow this guide, you’ll need the following components.

  • The latest WSO2 IS server. You can download it from here.
  • A sample web application. I’m using the WSO2 SAML SSO sample application. Please see this post to configure it.
  • A Microsoft Azure account. (A trial account is also OK.)


Running SAML2 SSO sample with WSO2 IS

What’s up people? 😀

Today I’m going to talk about how you can easily run the SAML2-based single sign-on sample with WSO2 Identity Server. SAML stands for Security Assertion Markup Language, and SAML2 is a version of the SAML standard for exchanging authentication and authorization data between security domains. You can read more about SAML2 here.

As a prerequisite, you’ll need to download a WSO2 IS setup first, from here. Apart from that, you’ll need a Tomcat web server to deploy the sample applications. I’m using Ubuntu as my operating system, but you can run it on Windows as well.


Fixing an Issue in a FOSS Project

Hi all!

This is the first post I’m writing under the new category, IS Diaries. The post talks about what I learned first when I started working on WSO2 Identity Server.

Fixing a small issue in a project is the best way to get familiar with its code while doing something useful. Even though I talk about the wso2/product-is repository, most of these points will be applicable to any other WSO2 project as well as any other FOSS repository.
