
I have a question for WSO2 experts; maybe some devs from this team could also help.

I'm looking for any tutorial, example or step-by-step description of how to create, deploy and use a custom identity authenticator in WSO2. Of course this should be compatible with the newest WSO2 server (5.0), so the example from link doesn't fit in.

I know that I should implement AbstractApplicationAuthenticator and I know that there is authenticator.xml where I could put my custom implementation. But what about application-authentication.xml? Is this all configuration file? How can I make my Service Providers work with this new authenticator but leave the admin console of the Carbon server working with the default login mechanism?

Thank you for any ideas.

1 Answer


Firstly, application authenticators are the ones handling user authentication through applications for which we create a service provider app in IS 5.0.0. For your scenario you don't need to make any modifications to authenticators.xml. Implement your custom authenticator and add the corresponding entries to application-authentication.xml.

Secondly, in IS 5.0.0 there is a concept called Local Authentication or Federated Authentication. If the IS is going to handle the complete flow of the authentication through your custom authenticator, you need to implement LocalAuthenticator in addition to AbstractApplicationAuthenticator. But if your authenticator will access some third-party identity provider such as Google or Facebook, it needs to implement FederatedAuthenticator in addition to AbstractApplicationAuthenticator.

Once you deploy your authenticator, it will be available to you to be engaged to a service provider app. When you create a service provider app you can choose your authenticator or any other available one. This won't change the default login mechanism of the Carbon server.

Ragavan
  • Ok, thanks, that sounds good and I managed to make my custom authenticator show up in 'Local Authentication'. But I'm not sure how I got it to deploy, because I made a few trials before it started to work. Is it enough to place the compiled jar file with the authenticator in the /dropins folder? How is the authenticator connected with the XML configuration - is it by 'getFriendlyName'? And what is the meaning of sequence steps in the authenticator configuration? – user3725390 Jun 11 '14 at 07:38
  • If you build your custom authenticator as a bundle, put it in dropins, or if you have built it as a jar, put it in lib. Not the friendly name; you must map the name returned by the getName method. The following link will help you to understand the sequence steps: https://docs.wso2.org/display/IS500/Configuring+Local+and+Outbound+Authentication+for+a+Service+Provider – Ragavan Jun 11 '14 at 14:45
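
An added example, not code from the answer or from WSO2, showing how the pieces discussed in this thread fit together for a local authenticator: the class extends AbstractApplicationAuthenticator, and the string returned by getName() is the one that must appear in application-authentication.xml. Assumptions: the interface the answer calls LocalAuthenticator is taken to be `LocalApplicationAuthenticator` in the IS 5.0.0 authentication framework, the class name, authenticator name and form field names are hypothetical, and users are super-tenant users checked against the server's own user store.

```java
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.LocalApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
import org.wso2.carbon.user.api.UserStoreException;

// Matching entry for application-authentication.xml, inside <AuthenticatorConfigs>.
// Its name attribute must equal getName() below, not getFriendlyName():
//   <AuthenticatorConfig name="SampleLocalAuthenticator" enabled="true"/>
public class SampleLocalAuthenticator extends AbstractApplicationAuthenticator
        implements LocalApplicationAuthenticator {
    private static final long serialVersionUID = 1L;

    @Override
    public boolean canHandle(HttpServletRequest request) {
        // Claim only requests that carry both fields of the login form (assumed names).
        return request.getParameter("username") != null
                && request.getParameter("password") != null;
    }

    @Override
    protected void processAuthenticationResponse(HttpServletRequest request,
            HttpServletResponse response, AuthenticationContext context)
            throws AuthenticationFailedException {
        String username = request.getParameter("username");
        boolean ok;
        try {
            // Assumption: super-tenant users, verified by the server's user store.
            ok = CarbonContext.getThreadLocalCarbonContext().getUserRealm()
                    .getUserStoreManager().authenticate(username, request.getParameter("password"));
        } catch (UserStoreException e) {
            throw new AuthenticationFailedException("Authentication failed", e);
        }
        if (!ok) { // same message whether the user is unknown or the password is wrong
            throw new AuthenticationFailedException("Authentication failed");
        }
        context.setSubject(username); // subject established by this authentication step
    }

    @Override
    public String getContextIdentifier(HttpServletRequest request) { return request.getParameter("sessionDataKey"); }

    @Override
    public String getName() { return "SampleLocalAuthenticator"; } // key used in the XML
    @Override
    public String getFriendlyName() { return "Sample Local"; } // label shown in the console
}
```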