User Password Hashing with WSO2 Identity Server (WSO2IS)
If you are storing end user passwords, It must be stored as hashed value.. not as encrypted or plain text. Because; once it is stored as hashed, it is hard to find the actual password out of it. So, it...
View ArticleConfigure KeyStore (JKS) files in WSO2 products in Production
Lets discuss; How you can properly configure KeyStores in WSO2 products based on Carbon 4.2.X. There are two main keystores in all products which are, 1. Primary KeyStore which is used for SSL 2....
View ArticleConfigure Multiple Federated Identity Providers with WSO2 Identity Server...
In my previous posts, we tried the federation authentication with WSO2IS and other third party identity provider such as Salesforce, Google IDP, Shibboleth and so on. You can find them from here In...
View ArticleCustom notification module for account management in WSO2 Identity Server...
WSO2IS supports for account recovery/validation using identity management features. By default; it is supported to send the user notifications using emails. WSO2IS contains an email sending module with...
View ArticleResolving ERR_SSL_WEAK_EPHEMERAL_DH_KEY error in WSO2 Products (Server has a...
With latest browsers (Firefox v39.0, Chrome v45.0) you would probably be hit by following issue due to use of weak DHE ciphers for SSL communication in the WSO2 products. To resolve this issue, you...
View ArticleDeployment pattern of WSO2 Identity Server in production
In my previous blog post, we understood how to deploy in WSO2IS with proxy server or load balancer. But it is about a basic deployment. When it comes to the real production. Lets try to understand the...
View ArticleHow to configure session time out in WSO2 Identity Server (WSO2IS)
I have seen many queries on configuring SSO session time out in WSO2IS. First, you need to understand that WSO2IS creates separate SSO session for SSO login and it is different from the session which...
View ArticleMutual SSL (X.509 Certificate) grant type for OAuth2
We have already discussed on implementing custom grant types for OAuth2 in this blog post. Today, we are going to implement a Mutual SSL (X.509 certificate) based grant type for WSO2IS/APIM Following...
View ArticleJIT provisioning & user association with WSO2IS
Federated users can be provisioned to WSO2IS local user store using JIT provisioning. But; WSO2IS can not enforce end users to enter new attributes for provisioning. But; WSO2IS 5.3.0 contains new...
View ArticleExchanging An OAuth2 Access token for An OpenAM Cookie (Cookie base OAuth2...
OpenAM provides a set of REST APIs to authenticate the users with username/password & validates the authenticated user’s sessions. Assume that there is an application which has been implemented to...
View Article
More Pages to Explore .....