Configure Service Provider
====================

1) Configure the Account Chooser Valve in the jboss-web.xml of your web application.

An example would look like:
    <?xml version="1.0" encoding="UTF-8"?>
    <jboss-web>
      <security-domain>sp</security-domain>
      <context-root>accountchooser</context-root>
      <valve>
        <class-name>org.picketlink.identity.federation.bindings.tomcat.sp.AccountChooserValve</class-name>
      </valve>
      <valve>
        <class-name>org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator</class-name>
      </valve>
    </jboss-web>

2) Now you will need a file of key/value pairs called idpmap.properties in the WEB-INF directory of your Service Provider.

Example of idpmap.properties:

    DomainA=http://localhost:8080/idp1/
    DomainB=http://localhost:8080/idp2/

3) You will need to place an account chooser HTML page in your Service Provider web application.

By default, it is called accountChooser.html.

An example of accountChooser.html is as follows:

    <a href="?idp=DomainA">DomainA</a>
    <hr/>
    <a href="?idp=DomainB">DomainB</a>

In this account chooser page, we have configured two domains (or accounts), namely DomainA and DomainB. The URL for each of these domains should have a query parameter "idp" that gives the name of the domain, as used for the key in idpmap.properties.
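
The following consistency check for the files from steps 2 and 3 is an added example, not PicketLink code. It verifies that every ?idp= link on the chooser page has an entry in idpmap.properties and that every mapped value is an absolute IdP URL. The function names, the inline sample inputs and the rule that plain http is tolerated only for localhost are assumptions of this example.

```python
import re
from urllib.parse import urlparse

# Constructed sample inputs mirroring the two files shown on this page.
IDPMAP = """\
DomainA=http://localhost:8080/idp1/
DomainB=http://localhost:8080/idp2/
"""
CHOOSER = '<a href="?idp=DomainA">DomainA</a> <hr/> <a href="?idp=DomainB">DomainB</a>'

def parse_idpmap(text):
    """Parse simple key=value lines, skipping blanks and # / ! comments."""
    idps = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            idps[key.strip()] = value.strip()
    return idps

def chooser_idps(html):
    """Return the idp names referenced by ?idp=<name> links in the page."""
    return set(re.findall(r'href\s*=\s*["\'][^"\']*[?&;]idp=([^"\'&#]+)', html))

def check(idpmap_text, chooser_html, plain_http_ok=("localhost", "127.0.0.1")):
    """Return a sorted list of findings; an empty list means the files agree."""
    idps, linked, findings = parse_idpmap(idpmap_text), chooser_idps(chooser_html), []
    for name in linked - idps.keys():
        findings.append(f"link idp={name} has no entry in idpmap.properties")
    for name in idps.keys() - linked:
        findings.append(f"entry {name} is not offered on the chooser page")
    for name, url in idps.items():
        u = urlparse(url)
        if u.scheme not in ("http", "https") or not u.hostname:
            findings.append(f"{name}: '{url}' is not an absolute http(s) URL")
        elif u.scheme == "http" and u.hostname not in plain_http_ok:
            # Assumption of this example: plain http only for local testing.
            findings.append(f"{name}: IdP URL uses plain http")
    return sorted(findings)

if __name__ == "__main__":
    for finding in check(IDPMAP, CHOOSER) or ["ok: chooser page and idpmap.properties agree"]:
        print(finding)
```
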
The AccountChooserValve has a few configurable options:
- DomainName: this is the domain name to be used for the cookie that is sent to the user's browser. This is not required.
- CookieExpiry: set the cookie expiry in seconds. Default is -1, which means the cookie expires when the browser is closed. This is not required.
- AccountIDPMapProvider: Fully Qualified Name of the implementation for IDP Mapping. Default uses a properties file called idpmap.properties. This is not required.
- AccountChooserPage: Set the name of the html/jsp page for listing the accounts. By default, we use accountChooser.html. This is not required.