In current App Manager the service providers of tenants are getting created in the super tenant space.
We are in the process of creating the service providers in the relevant tenants. In the app manager gateway, we use SAML SSO to authenticate the users, and the aforementioned service providers are used. When it comes to validating the the SAML response signature, I can see that we can re-use *org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil::getX509CredentialImplForTenant()* As per the code, it uses the tenant key store to get the certificates. And we can get the certificate by using the tenant name as the alias @IS team, do you see any issues with re-using this code in our gateway ? @Amila, in a cloud story do we need to configure the key aliases for each tenant or can we live with the default alias (which is the tenant domain name) ? -- *Best Regards* *Rushmin Fernando* *Technical Lead* WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware mobile : +94772891266
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev