Beyond PSD2 for a Better Open Banking Expereince

PSD2 is acting as a catalyst in the digital transformation happening in the Banking industry. While meeting the compliance requirements of PSD2, financial institutes are excited to make use of the new business models and opportunities opened by this laid foundation. More the customers and partners we can reach, more the business activities and more the revenue. Making the banking functions more accessible and reactive will be a key enabler to provide a seamless experience to these parties, including internal banking staff whom directly affects the business efficiency.
IAM plays a critical role in improving business accessibility without compromising the system boundaries. PSD2 mandates strong customer authentication(SCA), setting the bar high for user authenticity, while keeping few exemptions, not to bother payment services user(PSU) with SCA for every little transactions. While adhering to this policy will make an institute PSD2 complaint, if they can react fast to the fraud rates…

How to write a Custom SAML SSO Assertion Signer for WSO2 Identity Server

This is the 3rd post I am writing to explain the use of extension points in WSO2 Identity Server. WSO2 Identity Server has so many such extension points which are easily configurable and arm the server with lot of flexibility. With this, we can support so many domain specific requirements with minimum efforts.
  • Now this third post deals with writing a custom SAML SSO Assertion signer.

What we can customize?

  • Credentials used to sign the SAML Assertion (The private key)
  • Signing Algorithm
  • This sample can be extended to customize how we sign the SAML Response and validate the signature as well.

How?

We have to write a class extending 
  • The class 'org.wso2.carbon.identity.sso.saml.builders.signature.DefaultSSOSigner' or
Implementing,
  • The interface 'org.wso2.carbon.identity.sso.saml.builders.signature.SSOSigner'
Needs to override the following method in our case to customize how we sign the assertion,

Finally we have to update the identity.xml() as below with the above custom class we write overriding the methods.

 <SAMLSSOSigner>org.wso2.custom.sso.signer.CustomSSOSigner</SAMLSSOSigner>
 
and place the compiled package with the above class at 'IS_HOME/repository/components/lib' 

Now if we restart the server and run the SAML SSO scenario, the SAML SSO Assertion will be signed in the way we defined at the custom class we wrote.

Here you can find a complete sample code to customize the assertion signing procedure.

Hope this helps..
Cheers!

Comments

  1. This comment has been removed by a blog administrator.

    ReplyDelete
  2. This comment has been removed by a blog administrator.

    ReplyDelete
  3. This comment has been removed by a blog administrator.

    ReplyDelete
  4. I am developer and i like your blog and hope in future you share same helpful blogs for us , i also like your rephraser skill.

    ReplyDelete
  5. How SAML Assertion looks like? Could anyone please provide sample SAML Assertion?

    ReplyDelete
    Replies
    1. You can find one wrapped in a SAML Response at http://pushpalankajaya.blogspot.com/2014/07/adding-custom-claims-to-saml-response.html

      Delete
  6. essay writing company
    The quality can be tested with time. Our custom writing service has many years of experience and thousands of satisfied clients. Become one of them and order a high-quality paper with us!

    ReplyDelete
  7. Greetings admin
    I like your topic, after reading your article very helpful at all and can be a source of reference
    I will wait for your next article updates
    Thank you, for sharing

    HAMMER OF THOR
    HAMMER OF THOR ASLI
    OBAT PEMBESAR PENIS
    EXTENZE
    EXTENZE ASLI

    ReplyDelete
  8. Greetings admin
    I like your topic, after reading your article very helpful at all and can be a source of reference
    I will wait for your next article updates
    Thank you, for sharing

    HAMMER OF THOR
    HAMMER OF THOR ASLI
    OBAT PEMBESAR PENIS
    EXTENZE
    EXTENZE ASLI

    ReplyDelete
  9. Greetings admin
    I like your topic, after reading your article very helpful at all and can be a source of reference
    I will wait for your next article updates
    Thank you, for sharing

    EXTENZE
    VIAGRA
    VAKUM BATHMATE HYDROMAX
    PROEXTENDER
    VAKUM PEMBESAR PENIS
    TITAN GEL

    ReplyDelete

Post a Comment

Popular posts from this blog

Signing SOAP Messages - Generation of Enveloped XML Signatures

How to send an HTML email in Java (Using Google SMTP Server)

How to convert WSDL to Java