Re: [Dev] [AS-6.0.0] [SAML-SSO] Sending authenticated user attributes to webapp

On Tue, Aug 30, 2016 at 12:04 PM, Sagara Gunathunga wrote: > > > On Tue, Aug 30, 2016 at 11:37 AM, Kishanthan Thangarajah < > kishant...@wso2.com> wrote: > >> AS 6.0.0 is not an OSGi runtime. It's pure tomcat plus WSO2 features >> as tomcat extensions. We could reuse the code

Re: [Dev] [AS-6.0.0] [SAML-SSO] Sending authenticated user attributes to webapp

On Tue, Aug 30, 2016 at 11:37 AM, Kishanthan Thangarajah < kishant...@wso2.com> wrote: > AS 6.0.0 is not an OSGi runtime. It's pure tomcat plus WSO2 features > as tomcat extensions. We could reuse the code here from App Manager. > > @Johann/Sagara, shall we send the user attributes as JWT token

Re: [Dev] [AS-6.0.0] [SAML-SSO] Sending authenticated user attributes to webapp

Also we have sample tomcat valve[1] and filter[2] written, that shows app can be used JWT token to identify the user and add to session. You should be able to use them as well in samples. [1] https://github.com/wso2/product-app-manager/tree/master/modules/samples/JWTSecurity/Valve/Tomcat_8 [2]

Re: [Dev] [AS-6.0.0] [SAML-SSO] Sending authenticated user attributes to webapp

On Tue, Aug 30, 2016 at 11:37 AM, Kishanthan Thangarajah < kishant...@wso2.com> wrote: > AS 6.0.0 is not an OSGi runtime. It's pure tomcat plus WSO2 features > as tomcat extensions. We could reuse the code here from App Manager. > Ah Ok. You can get the AppM code from here [1]. [1]

Re: [Dev] [AS-6.0.0] [SAML-SSO] Sending authenticated user attributes to webapp

AS 6.0.0 is not an OSGi runtime. It's pure tomcat plus WSO2 features as tomcat extensions. We could reuse the code here from App Manager. @Johann/Sagara, shall we send the user attributes as JWT token to backend webapp? On Tue, Aug 30, 2016 at 11:27 AM, Dinusha Senanayaka

Re: [Dev] [AS-6.0.0] [SAML-SSO] Sending authenticated user attributes to webapp

On Tue, Aug 30, 2016 at 11:27 AM, Dinusha Senanayaka wrote: > In App Manager, we process the SAML response and add SAML response > assertions as JWT token and send to backend as a header. Shouldn't we try > to install AppM features and get the gateway features into AS without >

Re: [Dev] [AS-6.0.0] [SAML-SSO] Sending authenticated user attributes to webapp

In App Manager, we process the SAML response and add SAML response assertions as JWT token and send to backend as a header. Shouldn't we try to install AppM features and get the gateway features into AS without redoing the same ? Regards, Dinusha. On Mon, Aug 29, 2016 at 8:50 PM, Kishanthan

Re: [Dev] [AS-6.0.0] [SAML-SSO] Sending authenticated user attributes to webapp

On Mon, Aug 29, 2016 at 8:57 PM, Sagara Gunathunga wrote: > > > On Mon, Aug 29, 2016 at 8:50 PM, Kishanthan Thangarajah < > kishant...@wso2.com> wrote: > >> We need to send the user attributes that are returned from SAML response >> with the successful authentication, to the

Re: [Dev] [AS-6.0.0] [SAML-SSO] Sending authenticated user attributes to webapp

On Mon, Aug 29, 2016 at 8:50 PM, Kishanthan Thangarajah wrote: > We need to send the user attributes that are returned from SAML response > with the successful authentication, to the webapp using some way. We > discussed whether we could send this as a session attribute or

[Dev] [AS-6.0.0] [SAML-SSO] Sending authenticated user attributes to webapp

We need to send the user attributes that are returned from SAML response with the successful authentication, to the webapp using some way. We discussed whether we could send this as a session attribute or using a request parameter. @Kalpa, let's create a jira for this and add this to change to