how to logout wso2 via keycloak sso - wso2-api-manager

I have deployed wso2am-4.0.0 and configured SSO with Keycloak OIDC. Everything worked fine but logout failed; it didn't log out from https://am-domain:9443/publisher. I have been searching for a long time on the net, but to no avail. Please help or try to give some ideas on how to achieve this.

Related

ShinyProxy and authentication with IdentityServer4

My ShinyProxy is up and running. If I use the authentication basic, it is working. I wanted to connect the ShinyProxy with my IdentityServer4.
Following the documentation of ShinyProxy, I configured my ShinyProxy as follows:

    proxy:
      title: Open Analytics Shiny Proxy
      port: 8080
      authentication: openid
      admin-groups: scientists
      openid:
        auth-url: https://myidentityserver4/connect/authorize
        token-url: https://myidentityserver4/connect/token
        jwks-url: https://myidentityserver4/.well-known/openid-configuration/jwks
        client-id: ShinyProxy
        client-secret: password
When the user opens the browser to the ShinyApp, it is redirected to login page to the IdentityServer4. The user can login and then it is redirected to
http://myshinyproxyurl)/login/oauth2/code/shinyproxy
Unfortunately, the result is
or if I try on my laptop the error is slightly different
It seems there are too many redirections in the ShinyProxy.
Any ideas?
After a lot of research and study, I found how to implement Identity Server with ShinyProxy. I have created a complete step-by-step guide in my blog.
I hope it could help other guys.

Wso2 is clustering Not able to login on management console of wso2 identity server

I have configured 2 wso2 IS server instances in the local windows environment according to the documentation provided https://docs.wso2.com/display/CLUSTER44x/Clustering+Identity+Server+5.1.0%2C+5.2.0+and+5.3.0
and also the NGINX configuration with self signed certificates
I have been redirected to the wso2 is login page of any one node, but when logging in it's redirecting to the login page again, but the log is showing
[2017-05-24 15:52:26,528] INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - 'admin@carbon.super [-1234]' logged in at [2017-05-24 15:52:26,528+0530]
It's working properly with one node (other is down).
I am not able to figure out where the issue is; both nodes are working properly, with no error in the logs.
Please help,
Thanks
Pankaj
You will need to enable sticky sessions in nginx configurations. See WSO2 doc too.
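
A minimal sketch of the sticky-session setup the answer refers to, added here as an illustration and not taken from the original posts or the WSO2 documentation; the node addresses, host name and certificate paths are placeholders. With `ip_hash`, each client stays on the node that issued its session cookie, so the request that follows a successful login reaches the node that holds the session.

```nginx
# Added example: placeholder addresses (192.0.2.0/24 documentation range),
# placeholder host name and certificate paths.
upstream wso2is_mgt {
    ip_hash;                      # session affinity keyed on the client address
    server 192.0.2.11:9443;       # IS node 1 (placeholder)
    server 192.0.2.12:9443;       # IS node 2 (placeholder)
}

server {
    listen 443 ssl;
    server_name is.example.test;  # placeholder host name

    ssl_certificate     /etc/nginx/ssl/is.example.test.crt;  # placeholder path
    ssl_certificate_key /etc/nginx/ssl/is.example.test.key;  # placeholder path

    location / {
        # Preserve the original host and client address for the backend.
        proxy_set_header Host            $http_host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_read_timeout 5m;

        # Both nodes listen on HTTPS; nginx picks one per client via ip_hash.
        proxy_pass https://wso2is_mgt;
    }
}
```

`ip_hash` keys on the first three octets of an IPv4 client address, so all clients behind one NAT land on the same node; the cookie-based `sticky` directive is only available in NGINX Plus.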

Azure AD Connect with Office365

I'm trying to install an Office365 authentication on my website running Wordpress. I have a few questions:
My server runs on Debian with ISPConfig and it seems that I need a Windows Server. Is it possible to add Office365 authentication on a Linux server?
I have an Azure AD and would like the Office365 login to be the mail of my users. I think this is what they call Synchronized identity but I didn't find any resources on how to do this.
Yesterday while trying the plugin SSO-AAD-Wordpress I had the button to login using Azure but when connecting I had "Sorry, but we're having trouble signing you in". I don't know why.
Thank you for your help :)
EDIT: It works now but I have to manually add the users to the Wordpress database. The other thing is that it works with Azure, not with Office365 (I don't know if it's worth mentioning).
Azure AD authentication works for the most part with browser redirects. The OS doesn't matter.
If you want the users' login name to be like first.last@company.com, you will have to register that domain in your Azure AD and set it up as the default.
For the last one we can't really help you unless you tell us more details.

Redmine, publish with basic authentication behind Microsoft TMG

I've just installed Redmine on Windows 2008 R2 through the setup realized by Bitnami.
All works fine. Also SSL is working excellent.
Since today Redmine is in my DMZ, and I reach it directly, from internal network.
I arrive on login page and go.
Now I've published it on public IP with Microsoft TMG.
On TMG I use a listener that requires authentication through RADIUS.
TMG permits passing credentials to the web application in several different ways: one is basic auth, one is NTLM....
I've found a Redmine plugin that permits using basic auth in Redmine, so at login I don't see the Redmine page but the classic HTTP popup for credentials.
In this situation, like other published web applications, TMG is configured to pass credentials on HTTP basic auth but only Redmine fails.
TMG passes the credentials and these are refused by Redmine, so TMG proposes the credentials request again.
Does anyone have a solution?
It could be a problem in the basic auth plugin, but it's the only one I've found.
Thanks,
Mirko

Drupal and OKTA integration

I am integrating Drupal and OKTA. When I try to access my website I am being redirected to Okta for login. But after successful authentication I am not being redirected back to my website.
I am following a SP initiated workflow. My log message in OKTA is as follows.
Is there a way I can have more debugging information from OKTA to figure out what is going on and what setting is wrong?
My suspicion is that the target resource in the SAML template isn't correct but several things could be going on. A valuable tool to help debug this is the SAML tracer extension to Firefox.
https://addons.mozilla.org/en-us/firefox/addon/saml-tracer/
It was because of the redirect URL not being set properly in the IDP and the port number issues on my server.
If you are interested in the detailed setup please check out https://www.youtube.com/watch?v=IEtNUAM79K8
