Tuesday, September 22, 2015

WSO2 IS authenticator - LinkedIn

1) Create a new LinkedIn app

2) The app will be assigned an Client ID and Client Secret. In the panel, make sure to set Authorized Redirect URLs to https://localhost:9443/commonauth

Screenshot from 2015-09-08 23:04:59.png

3) Build the sso sample from product-is/modules/samples/sso/sso-agent-sample to get the travelocity war file, add the war file to a web server (apache tomcat) and start the web server.

4) Download the IS ditribution and the service pack from http://wso2.com/products/identity-server/ and apply the service pack to the IS pack.

5) Clone the linkedin authentication connector source from https://github.com/katheesR/is-connectors/tree/master/linkedin, build the linkedin connector and copy the jar to the IS_HOME/components/dropins

6) Create a Identity provider from IS management console.

Screenshot from 2015-09-08 20:34:55.png

Now you can see the linkedIn configuration under Federated authentications section. Enable and fill the value for client ID, client secret and callback URL which can be got from the step1.

Screenshot from 2015-09-08 23:53:03.png
7) Create a service provider from IS management console.

Screenshot from 2015-09-08 23:59:35.png

Screenshot from 2015-09-08 20:31:02.png

8) Extract the certificate from browser by navigating to https://www.linkedin.com/ and place the certificate file in following locations.


Navigate to the above location from command prompt and execute
'keytool -importcert -file CERT_FILE_NAME -keystore client-truststore.jks -alias "LinkedIn"' in command line to import linkedin certificate into keystore. Give "wso2carbon" as password.

import the following two certificates.

keytool -importcert -file www.linkedin.com -keystore client-truststore.jks -alias "linkedin"
keytool -importcert -file DigiCertSHA2SecureServerCA -keystore client-truststore.jks -alias "Dig"

9) go to the travelocity app http://localhost:8081/travelocity.com/index.jsp and click SAML2 redirect login
Screenshot from 2015-09-09 00:05:35.png

9) The page will be redirected to the linkedin authentication page.

Screenshot from 2015-09-09 11:17:28.png

If the credential is success then you will get the  linkedin account details.

Screenshot from 2015-09-09 00:11:13.png

sample LinkedIn authentication connector code - https://github.com/katheesR/is-connectors/tree/master/linkedin

No comments:

Post a Comment

Locking in JPA

PESSIMISTIC_WRITE Locking is used for protecting mutable shared data. An PESSIMISTIC_WRITE lock is acquired to prevent any other transac...