Re: [Dev] [IS] Define the default authenticator/sequence to use a custom federated authenticator

Gayan Gunawardana Tue, 31 May 2016 18:34:29 -0700

On Tue, May 31, 2016 at 10:51 PM, Darshana Gunawardana <darsh...@wso2.com>
wrote:


> Hi Gayan,
>
> Ok.. What is the information you are looking for?
>

Changing default authenticator to Facebook authenticator in
/conf/identity/service-providers/default.xml does not work as expected. Is
there any thing wrong in my configuration ?

>
> Regards,
>
> On Tue, May 31, 2016 at 9:26 PM, Gayan Gunawardana <ga...@wso2.com> wrote:
>
>> with below configuration I am getting NPE
>>
>> <LocalAndOutBoundAuthenticationConfig>
>>         <AuthenticationSteps>
>>             <AuthenticationStep>
>>                 <StepOrder>1</StepOrder>
>>                 <!--LocalAuthenticatorConfigs>
>>                     <LocalAuthenticatorConfig>
>>                         <Name>BasicAuthenticator</Name>
>>                         <DisplayName>basicauth</DisplayName>
>>                         <IsEnabled>true</IsEnabled>
>>                     </LocalAuthenticatorConfig>
>>                 </LocalAuthenticatorConfigs-->
>>                 <FederatedIdentityProviders>
>>                  <IdentityProvider>
>>
>> <IdentityProviderName>facebook</IdentityProviderName>
>>                        <IsEnabled>true</IsEnabled>
>>                                      <DefaultAuthenticatorConfig>
>>
>> <FederatedAuthenticatorConfig>
>>
>> <Name>FacebookAuthenticator</Name>
>>
>> <IsEnabled>true</IsEnabled>
>>
>> </FederatedAuthenticatorConfig>
>>                                      </DefaultAuthenticatorConfig>
>>                  </IdentityProvider>
>>                 </FederatedIdentityProviders>
>>                 <SubjectStep>true</SubjectStep>
>>                 <AttributeStep>true</AttributeStep>
>>             </AuthenticationStep>
>>         </AuthenticationSteps>
>>     </LocalAndOutBoundAuthenticationConfig>
>>
>> ERROR
>> {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
>> -  Exception in Authentication Framework
>> java.lang.NullPointerException
>>     at
>> org.wso2.carbon.identity.application.authentication.framework.config.builder.UIBasedConfigurationBuilder.loadFederatedAuthenticators(UIBasedConfigurationBuilder.java:169)
>>     at
>> org.wso2.carbon.identity.application.authentication.framework.config.builder.UIBasedConfigurationBuilder.getSequence(UIBasedConfigurationBuilder.java:108)
>>     at
>> org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade.getSequenceConfig(ConfigurationFacade.java:66)
>>     at
>> org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.findPreviousAuthenticatedSession(DefaultRequestCoordinator.java:302)
>>     at
>> org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.initializeFlow(DefaultRequestCoordinator.java:256)
>>     at
>> org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.handle(DefaultRequestCoordinator.java:119)
>>     at
>> org.wso2.carbon.identity.application.authentication.framework.CommonAuthenticationHandler.doPost(CommonAuthenticationHandler.java:46)
>>     at
>> org.wso2.carbon.identity.application.authentication.framework.CommonAuthenticationHandler.doGet(CommonAuthenticationHandler.java:37)
>>     at
>> org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint.sendRequestToFramework(OAuth2AuthzEndpoint.java:875)
>>     at
>> org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint.authorize(OAuth2AuthzEndpoint.java:191)
>>
>>
>>
>>
>> On Sun, May 29, 2016 at 7:41 PM, Darshana Gunawardana <darsh...@wso2.com>
>> wrote:
>>
>>> Also there are few complications when configuring federated scenario for
>>> a file based service provider. Following JIRA has more information.
>>>
>>> https://wso2.org/jira/browse/IDENTITY-4581
>>>
>>> For an elegant solution, it should fix above JIRA first. Otherwise you
>>> will be endup with duplicating the full IdP configuration inside the
>>> service provider config.
>>>
>>>
>>> On Sun, May 29, 2016 at 7:31 PM, Darshana Gunawardana <darsh...@wso2.com
>>> > wrote:
>>>
>>>> Hi Farasath,
>>>>
>>>> It seems like my assumption is wrong. As per the code [1] doesn't read
>>>> from application-authentication.xml to read default behaviour. It is
>>>> reading from default service provider file
>>>> (/conf/identity/service-providers/default.xml). IMO this is a bug, it need
>>>> to pick that behaviour from the application-authentication.xml.
>>>>
>>>> [1]
>>>> https://github.com/wso2/carbon-identity-framework/blob/master/components/application-mgt/org.wso2.carbon.identity.application.mgt/src/main/java/org/wso2/carbon/identity/application/mgt/ApplicationManagementServiceImpl.java#L799:L806
>>>>
>>>> Regards,
>>>>
>>>> On Sun, May 29, 2016 at 4:51 PM, Farasath Ahamed <farasa...@wso2.com>
>>>> wrote:
>>>>
>>>>>
>>>>> Hi All,
>>>>>
>>>>> When trying to set the "*Local & Outbound Authentication
>>>>> Configuration*" for a Service Provider I noticed a default option. If
>>>>> someone wants to use a custom/federated authenticator as the default 
>>>>> option
>>>>> how can we achieve this?
>>>>>
>>>>> Based on a discussion with Darshana, I tried to achieve this by
>>>>> modifying the default sequence in application-authentication.xml file 
>>>>> found
>>>>> at IS_HOME/repository/conf/identity as below,
>>>>>
>>>>> <Sequences>
>>>>> <!-- Default Sequence. This is mandatory -->
>>>>> <Sequence appId="default">
>>>>> <Step order="1">
>>>>> <Authenticator name="OpenIDConnectAuthenticator" />
>>>>> </Step>
>>>>> </Sequence>
>>>>> </Sequences>
>>>>>
>>>>> Even then I am redirected to use the default BasicAuthenticator
>>>>> (username and password). Are there any other changes that need to be done
>>>>> to engage a federated/custom authenticator as the default throughout IS?
>>>>>
>>>>>
>>>>> Thanks,
>>>>> Farasath Ahamed
>>>>> Software Engineer,
>>>>> WSO2 Inc.; http://wso2.com
>>>>> lean.enterprise.middleware
>>>>>
>>>>>
>>>>> Email: farasa...@wso2.com
>>>>> Mobile: +94777603866
>>>>> Blog: blog.farazath.com
>>>>> Twitter: @farazath619 <https://twitter.com/farazath619>
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Regards,
>>>>
>>>>
>>>> *Darshana Gunawardana*Senior Software Engineer
>>>> WSO2 Inc.; http://wso2.com
>>>>
>>>> *E-mail: darsh...@wso2.com <darsh...@wso2.com>*
>>>> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware
>>>>
>>>
>>>
>>>
>>> --
>>> Regards,
>>>
>>>
>>> *Darshana Gunawardana*Senior Software Engineer
>>> WSO2 Inc.; http://wso2.com
>>>
>>> *E-mail: darsh...@wso2.com <darsh...@wso2.com>*
>>> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware
>>>
>>> _______________________________________________
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Gayan Gunawardana
>> Software Engineer; WSO2 Inc.; http://wso2.com/
>> Email: ga...@wso2.com
>> Mobile: +94 (71) 8020933
>>
>
>
>
> --
> Regards,
>
>
> *Darshana Gunawardana*Senior Software Engineer
> WSO2 Inc.; http://wso2.com
>
> *E-mail: darsh...@wso2.com <darsh...@wso2.com>*
> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware
>



-- 
Gayan Gunawardana
Software Engineer; WSO2 Inc.; http://wso2.com/
Email: ga...@wso2.com
Mobile: +94 (71) 8020933

_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] Define the default authenticator/sequence to use a custom federated authenticator

Reply via email to