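Setting a WSO2 identity provider as the default IDP for new applications

Time: 2016-02-11 15:30:38

Tags: wso2 wso2is

I am using WSO2 Identity Server 5.1.0 and have configured ADFS as an identity provider using the management console. I tested the IDP I created by selecting it in one of my service providers, and it all works as expected.

Now I want to set the ADFS IDP as the default IDP. To do that, I configured the file (identity/service-providers/default.xml) following the instructions in a post. The problem is that when I try to access my application, I get the following error: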

    TID: [-1234] [] [2016-02-11 16:21:46,521] ERROR {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} -  Exception in Authentication Framework
    java.lang.NullPointerException
        at org.wso2.carbon.identity.application.authentication.framework.config.builder.UIBasedConfigurationBuilder.loadFederatedAuthenticators(UIBasedConfigurationBuilder.java:169)
        at org.wso2.carbon.identity.application.authentication.framework.config.builder.UIBasedConfigurationBuilder.getSequence(UIBasedConfigurationBuilder.java:108)
        at org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade.getSequenceConfig(ConfigurationFacade.java:66)
        at org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.findPreviousAuthenticatedSession(DefaultRequestCoordinator.java:302)

Here is the configuration I am using:

<ServiceProvider>
    <ApplicationID>1</ApplicationID>
    <ApplicationName>default</ApplicationName>
    <Description>Default Service Provider</Description>
    <InboundAuthenticationConfig>
            <InboundAuthenticationRequestConfigs>
                    <InboundAuthenticationRequestConfig>
                            <InboundAuthKey>default</InboundAuthKey>
                            <InboundAuthType></InboundAuthType>
                            <Properties></Properties>
                    </InboundAuthenticationRequestConfig>
            </InboundAuthenticationRequestConfigs>
    </InboundAuthenticationConfig>
    <LocalAndOutBoundAuthenticationConfig>
            <AuthenticationSteps>
                    <AuthenticationStep>
                            <StepOrder>1</StepOrder>
                            <FederatedIdentityProviders>
                                <IdentityProvider>
                                    <IdentityProviderName>adfs-idp</IdentityProviderName>
                                    <IsEnabled>true</IsEnabled>
                                    <DefaultAuthenticatorConfig>
                                        <FederatedAuthenticatorConfig>
                                            <Name>SAMLSSOAuthenticator</Name>
                                            <DisplayName>samlsso</DisplayName>
                                            <IsEnabled>true</IsEnabled>
                                        </FederatedAuthenticatorConfig>
                                    </DefaultAuthenticatorConfig>
                                </IdentityProvider>
                            </FederatedIdentityProviders>
                    </AuthenticationStep>
            </AuthenticationSteps>
    </LocalAndOutBoundAuthenticationConfig>
    <RequestPathAuthenticatorConfigs></RequestPathAuthenticatorConfigs>
    <InboundProvisioningConfig></InboundProvisioningConfig>
    <OutboundProvisioningConfig></OutboundProvisioningConfig>
    <ClaimConfig>
      <AlwaysSendMappedLocalSubjectId>true</AlwaysSendMappedLocalSubjectId>
   </ClaimConfig>
    <PermissionAndRoleConfig></PermissionAndRoleConfig>
</ServiceProvider>

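"adfs-idp" is the name I used as the identity provider name when I registered the IDP in the management console.

1 Answer:

Answer 0: (score: 1)

To fix this, I had to change some of the XML elements inside FederatedIdentityProviders, as shown below.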

<FederatedIdentityProviders>
 <IdentityProvider>
     <IdentityProviderName>adfs-idp</IdentityProviderName>
     <IsEnabled>true</IsEnabled>
     <FederatedAuthenticatorConfigs>
         <FederatedAuthenticatorConfig>
             <Name>SAMLSSOAuthenticator</Name>
             <DisplayName>samlsso</DisplayName>
             <IsEnabled>true</IsEnabled>
         </FederatedAuthenticatorConfig>
     </FederatedAuthenticatorConfigs>
     <DefaultAuthenticatorConfig>SAMLSSOAuthenticator</DefaultAuthenticatorConfig>
 </IdentityProvider>
</FederatedIdentityProviders>
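
A check that can be run against default.xml before restarting the server, as an added example that is not part of the original post and is not WSO2 code. It assumes the layout the answer reports as working is the expected one (a `FederatedAuthenticatorConfigs` list plus a `DefaultAuthenticatorConfig` holding an authenticator name); `lint_idps` and both sample documents are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed samples: the question's layout (BROKEN) and the answer's layout (FIXED).
BROKEN = """<FederatedIdentityProviders><IdentityProvider>
  <IdentityProviderName>adfs-idp</IdentityProviderName>
  <DefaultAuthenticatorConfig>
    <FederatedAuthenticatorConfig><Name>SAMLSSOAuthenticator</Name></FederatedAuthenticatorConfig>
  </DefaultAuthenticatorConfig>
</IdentityProvider></FederatedIdentityProviders>"""

FIXED = """<FederatedIdentityProviders><IdentityProvider>
  <IdentityProviderName>adfs-idp</IdentityProviderName>
  <FederatedAuthenticatorConfigs>
    <FederatedAuthenticatorConfig><Name>SAMLSSOAuthenticator</Name></FederatedAuthenticatorConfig>
  </FederatedAuthenticatorConfigs>
  <DefaultAuthenticatorConfig>SAMLSSOAuthenticator</DefaultAuthenticatorConfig>
</IdentityProvider></FederatedIdentityProviders>"""

AUTH_NAMES = "FederatedAuthenticatorConfigs/FederatedAuthenticatorConfig/Name"


def lint_idps(xml_text):
    """Return a list of problems; an empty list means the layout matches the answer's."""
    problems = []
    root = ET.fromstring(xml_text)
    # iter() walks descendants, so a full <ServiceProvider> document works too.
    for idp in root.iter("IdentityProvider"):
        idp_name = (idp.findtext("IdentityProviderName") or "").strip() or "<unnamed>"
        names = [(n.text or "").strip() for n in idp.findall(AUTH_NAMES)]
        if not names:
            problems.append(f"{idp_name}: no FederatedAuthenticatorConfigs list")
        default = idp.find("DefaultAuthenticatorConfig")
        if default is None:
            problems.append(f"{idp_name}: missing DefaultAuthenticatorConfig")
        elif len(default):  # child elements where an authenticator name is expected
            problems.append(f"{idp_name}: DefaultAuthenticatorConfig contains elements")
        elif (default.text or "").strip() not in names:
            problems.append(f"{idp_name}: default authenticator is not in the list")
    return problems


if __name__ == "__main__":
    for label, doc in (("question", BROKEN), ("answer", FIXED)):
        print(label, lint_idps(doc) or "OK")
```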