我们为 WSO2AM-2.1.0 配置了基于文件的 SAML IdP(类似于 this one),现在希望迁移到 wso2am-2.6.0。
使用相同的 IdP 配置文件时,IdP 没有被配置成功,日志中出现如下错误:
ERROR - IdentityProvider Error while building default provisioning connector config for IDP oamidp.
Cause : No configured name found for ProvisioningConnectorConfig Building rest of the IDP configs
下面是 repository/conf/identity/identity-providers/ 中的 XML 配置文件。
我在 https://docs.wso2.com/display/IS570/Configuring+a+SP+and+IdP+Using+Configuration+Files 中找到了一个示例配置。
我相信我们的配置符合该示例的要求(示例中没有提及任何 ProvisioningConnectorConfig 标记)。
答案 0 :(得分:0)
当 DefaultProvisioningConnectorConfig 元素为空时,需要将其注释掉:
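<IdentityProvider>
  <!--
    File-based definition of the federated SAML2 identity provider "oamidp".
    Per the page, this file is placed under
    repository/conf/identity/identity-providers/ and was migrated from
    WSO2 AM 2.1.0 to 2.6.0.
  -->
  <IdentityProviderName>oamidp</IdentityProviderName>
  <DisplayName>oamidp</DisplayName>
  <IdentityProviderDescription>Access Manager DEV</IdentityProviderDescription>
  <Alias>oamidp</Alias>
  <IsPrimary/>
  <IsEnabled>true</IsEnabled>
  <IsFederationHub/>
  <HomeRealmId/>
  <ProvisioningRole/>
  <FederatedAuthenticatorConfigs>
    <saml2>
      <Name>SAMLSSOAuthenticator</Name>
      <DisplayName>samlsso</DisplayName>
      <IsEnabled>true</IsEnabled>
      <Properties>
        <!--
          NOTE(review): IdpEntityId and SSOUrl point at http://localhost/simplesaml,
          which looks like a local test IdP, while LogoutReqUrl further down points
          at a different host. Confirm that all three refer to the IdP whose
          certificate is stored in the Certificate element, and use an https SSO
          endpoint for anything beyond local testing.
        -->
        <property>
          <Name>IdpEntityId</Name>
          <Value>http://localhost/simplesaml/saml2/idp/metadata.php</Value>
        </property>
        <property>
          <Name>IsLogoutEnabled</Name>
          <Value>true</Value>
        </property>
        <property>
          <Name>SPEntityId</Name>
          <Value>https://wso2am-test/sp</Value>
        </property>
        <property>
          <Name>SSOUrl</Name>
          <Value>http://localhost/simplesaml/saml2/idp/SSOService.php</Value>
        </property>
        <!--
          NOTE(review): with isAssertionSigned=false the service provider
          presumably does not require a signature on the assertion itself and
          relies on the response signature (IsAuthnRespSigned=true below).
          Confirm that the IdP signs every response; requiring signed assertions
          as well is the more conservative setting.
        -->
        <property>
          <Name>isAssertionSigned</Name>
          <Value>false</Value>
        </property>
        <property>
          <Name>commonAuthQueryParams</Name>
          <Value/>
        </property>
        <property>
          <Name>IsUserIdInClaims</Name>
          <Value>false</Value>
        </property>
        <!--
          NOTE(review): logout is enabled above, but logout requests are sent
          unsigned. Enable signing if the IdP supports or expects it.
        -->
        <property>
          <Name>IsLogoutReqSigned</Name>
          <Value>false</Value>
        </property>
        <!--
          Assertions are not encrypted, so their contents are protected only by
          the transport (TLS) between browser, IdP and this server.
        -->
        <property>
          <Name>IsAssertionEncrypted</Name>
          <Value>false</Value>
        </property>
        <property>
          <Name>IsAuthReqSigned</Name>
          <Value>true</Value>
        </property>
        <!-- there was a typo in the code, we have both values to be sure -->
        <property>
          <Name>ISAuthnReqSigned</Name>
          <Value>true</Value>
        </property>
        <!-- The SAML response from the IdP is expected to be signed. -->
        <property>
          <Name>IsAuthnRespSigned</Name>
          <Value>true</Value>
        </property>
        <property>
          <Name>LogoutReqUrl</Name>
          <Value>https://logon-test.mycomp.com/oamfed/idp/samlv20</Value>
          <!-- Value>false</Value -->
        </property>
      </Properties>
    </saml2>
  </FederatedAuthenticatorConfigs>
  <DefaultAuthenticatorConfig>SAMLSSOAuthenticator</DefaultAuthenticatorConfig>
  <ProvisioningConnectorConfigs/>
  <!--
    An empty DefaultProvisioningConnectorConfig element must stay commented out.
    Per the page, on 2.6.0 an empty element fails with
    "No configured name found for ProvisioningConnectorConfig" and the IdP is
    not configured.
  -->
  <!-- DefaultProvisioningConnectorConfig/ -->
  <ClaimConfig>
    <LocalClaimDialect>true</LocalClaimDialect>
    <ClaimMappings>
    </ClaimMappings>
  </ClaimConfig>
  <!--
    IdP certificate, base64 encoded (value elided on the page). Presumably this
    is the key material used to verify the signed SAML responses, so it must be
    the certificate of the IdP that is actually trusted.
  -->
  <Certificate>MII....ZNYg=</Certificate>
  <PermissionAndRoleConfig/>
  <!-- Just-in-time user provisioning is switched off for this IdP. -->
  <JustInTimeProvisioningConfig>
    <UserStoreClaimUri/>
    <ProvisioningUserStore/>
    <IsProvisioningEnabled>false</IsProvisioningEnabled>
  </JustInTimeProvisioningConfig>
</IdentityProvider>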