将 WSO2 身份提供者设置为新应用程序的默认 IDP

Question

我正在使用 WSO2 Identity Server 5.1.0 并使用管理控制台将 ADFS 配置为身份提供程序。我通过在我的一个服务提供商中选择它来测试创建的 IDP，并且一切都按预期工作。

现在我想将 ADFS IDP 设置为默认 IDP。为此，我按照post 中的说明配置了文件（identity/service-providers/default.xml）。问题是当我尝试访问我的应用程序时，我收到以下错误：

    TID: [-1234] [] [2016-02-11 16:21:46,521] ERROR {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} -  Exception in Authentication Framework 
java.lang.NullPointerException
    at org.wso2.carbon.identity.application.authentication.framework.config.builder.UIBasedConfigurationBuilder.loadFederatedAuthenticators(UIBasedConfigurationBuilder.java:169)
    at org.wso2.carbon.identity.application.authentication.framework.config.builder.UIBasedConfigurationBuilder.getSequence(UIBasedConfigurationBuilder.java:108)
    at org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade.getSequenceConfig(ConfigurationFacade.java:66)
    at org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.findPreviousAuthenticatedSession(DefaultRequestCoordinator.java:302)

这是我使用的配置：

<ServiceProvider>
    <ApplicationID>1</ApplicationID>
    <ApplicationName>default</ApplicationName>
    <Description>Default Service Provider</Description>
    <InboundAuthenticationConfig>
            <InboundAuthenticationRequestConfigs>
                    <InboundAuthenticationRequestConfig>
                            <InboundAuthKey>default</InboundAuthKey>
                            <InboundAuthType></InboundAuthType>
                            <Properties></Properties>
                    </InboundAuthenticationRequestConfig>
            </InboundAuthenticationRequestConfigs>
    </InboundAuthenticationConfig>
    <LocalAndOutBoundAuthenticationConfig>
            <AuthenticationSteps>
                    <AuthenticationStep>
                            <StepOrder>1</StepOrder>
                            <FederatedIdentityProviders>
                                <IdentityProvider>
                                    <IdentityProviderName>adfs-idp</IdentityProviderName>
                                    <IsEnabled>true</IsEnabled>
                                    <DefaultAuthenticatorConfig>
                                        <FederatedAuthenticatorConfig>
                                            <Name>SAMLSSOAuthenticator</Name>
                                            <DisplayName>samlsso</DisplayName>
                                            <IsEnabled>true</IsEnabled>
                                        </FederatedAuthenticatorConfig>
                                    </DefaultAuthenticatorConfig>
                                </IdentityProvider>
                            </FederatedIdentityProviders>
                    </AuthenticationStep>
            </AuthenticationSteps>
    </LocalAndOutBoundAuthenticationConfig>
    <RequestPathAuthenticatorConfigs></RequestPathAuthenticatorConfigs>
    <InboundProvisioningConfig></InboundProvisioningConfig>
    <OutboundProvisioningConfig></OutboundProvisioningConfig>
    <ClaimConfig>
      <AlwaysSendMappedLocalSubjectId>true</AlwaysSendMappedLocalSubjectId>
   </ClaimConfig>
    <PermissionAndRoleConfig></PermissionAndRoleConfig>

“adfs-idp”是我在管理控制台中注册 IDP 时用于身份提供者名称的名称。

Answer 1

为了解决这个问题，我必须更改 FederatedIdentityProviders 中的一些 xml 元素，如下所示。

<FederatedIdentityProviders>
 <IdentityProvider>
     <IdentityProviderName>adfs-idp</IdentityProviderName>
     <IsEnabled>true</IsEnabled>
     <FederatedAuthenticatorConfigs>
         <FederatedAuthenticatorConfig>
             <Name>SAMLSSOAuthenticator</Name>
             <DisplayName>samlsso</DisplayName>
             <IsEnabled>true</IsEnabled>
         </FederatedAuthenticatorConfig>
     </FederatedAuthenticatorConfigs>
     <DefaultAuthenticatorConfig>SAMLSSOAuthenticator</DefaultAuthenticatorConfig>
 </IdentityProvider>
</FederatedIdentityProviders>