Monday, December 8, 2014

Hi, In this post I will Explain you how to share a windows directory over SMB (Server Message Block). I'm user Windows 2008 Server, and this steps can be followed in any windows server machine. Later in this post I will explain you how to connect to these shares from Linux. So lets get started.

How to Create a SMB share in Windows

First lets create a new directory, in my case I will be creating it in the Desktop, I will name it smbsharedirectory as shown below

Now Go windows windows menu and search for a program called "Share and Storage Management"(This is only available in server versions of windows). Now open the Program.

Now go to Actions and select "Provision Share.." as Shown below

Now select the directory you created as the share directory click on next.

Now select the following options, as shown in the below image.

As shown below select "SMB" as the share protocol.

Now you will be prompted with the following page. just click next.

Now provide the necessary permissions to the Shared directory. I have given all permissions to all the users.

If you need to configure DFS you can use the following window, in my case I will just skip this and click on next.

Now you can review your settings and click on Create

Voila!! Now its done. Now close the window.

Now go to the main program and click on Share tab, the directory you just created will be shown as a shred directory.

How easy was that, next I will explain you how to access this shared directory from ubuntu. I'm using Ubuntu 14.04

How to Access SMB shares from Ubuntu

First open any directory on your computer and navigate to the left hand side colum "Places" and Double Cick on "Connect to Server" option

Now add the server details, in my case "smb://" Now click on Connect. When you click connect a screen will prompt to enter the User Name and password. Enter correct credentials.

Now you will be connected to the SMB shared folder, Now you can create modify any content in this directory.

So this wraps up this Post, feel free to direct any queries you have.

Thanks for reading!!

Thursday, November 27, 2014

In your Web App you will need to authenticate users using federated authenticators, IS supports many federated authenticators including, Google, Yahoo, Facebook, etc. So in this post I will explain how to add multiple federated authenticators to your web app, when multiple authenticators are added IS will render a intermediary page to the user to select the required authenticator, I will also explain you how to get rid of this page and how to directly authenticate from your webapp through WSO2IS

IS version I'm using is IS : 5.0

I will be using google and yahoo as federated authenticators and as the sample client (WebApp) I will be using example you can download it from here.

First Lets create necessary Identity providers.

First download and start the IS server. You can download WSO2 IS from here.

Step 1 - Starting the server

- Start the IS server by navigating to <IS_home>/bin/

Step 2 - Adding Google Authenticator

In order add Google as a federated authenticator you need to Register Google authenticator as a new IDP by following below steps;

Navigate to;

- Home > Identity > Identity Providers > Add

- Fill the Basic Information I will Give the Identity provider name as googleOpenID, you can enter any name you wish.

-  Now add "Home Realm Identifier" name as "google", make sure this name is unique.

- Then go to Federated Authenticators tab and select “Google Configuration” menu there. Enable the given options as shown in the below image.

 - Click on Register button.

Step 3 - Adding Yahoo as a authenticator

Now create a new IDP for yahoo. You can follow the above steps to do this, in the last step use yahoo as the federated authenticator.

The final configs will be as following,

Step 4 - Registering Service Provider

Next you need to register a service provider. you can follow the steps given below to do this.

- Home > Identity > Service Providers > Add

- Give a Service provider name hen click on “Register” button. i.e. Service provider Name as

- Then you will redirect to the registered Service Providers editable view.

- Tick on the Saas Application option given in the Basic information section and select the “Inbound Authentication Configuration” there. (When you select the saas option you can use the service provider from tenant domains as well.)

- Among the given options, select “SAML2 Web SSO Configuration” option and click on given “Configure” link.

- Then you will redirect to SSO configuration view.

- Fill the given fields accordingly.

Issuer :
Assertion Consumer URL : http://localhost:8080/

Tick on following options as well;

- Use fully qualified username in the NameID
- Enable Response Signing
- Enable Assertion Signing
- Enable Single Logout

- Then click on “Local & Outbound Authentication Configuration” tab and select “Advanced Configuration” 

- Now Add a new Authentication step

- Now add the federated authenticators you created as shown below,

And then click "Update" and then on “Register” button.

Step 5 - Adding the Client Application to Tomcat

- Placed the webapplication file inside the webapp folder of the tomcat server and start the tomcat server (version 7. +). (Get the travelocity sample svn checkout from here.)

- Access the webapp using following link.

- Since we have configured our service provider for a SAML request, select the SAML option as shown in the given image.

- Now it will redirect you to the IS login page and from there you will have to select the Login type. In the Next step I will explain you how to get rid of this login page.

- If you select the Google option it will be redirected to google.


- Once you have entered valid Google credentials you will get authorized and get permitted to access the requested travelocity webapp. 

By-parsing the IS authenticator selection page

In most cases you will not require IS to render a intermediary page when authenticating with multiple federated authenticators. In order to by parse the Authenticator selection screen the SAML request should tell IS which federated authenticator to use.

For this you can add a new parameter in the SAML request header. The parameter name is "fidp" this should be equal to the "Home Realm Identifier" defined in the step 2 when creating IDPs, The authenticator will be identified by this name by the IS.

- Inorder to simulate this with application stop the tomcat server.

- Navigate to <TOMCAT_HOME> > webapps > > WEB-INF > classes >

- Go to the end of the file add the following parameter.


The final content will look like following

The above will add the "fidp" parameter to the SAML request header. You can enable SSO tracing and look into this. The final SAML request will look like following,

- Now if you go to the travelocity App and click on the SAML request, you will be directed to the yahoo login page.

- Now you can change the "fidp" parameter to google and do the same, It will be directed to the google page.


In your web-application, depending on the users selection; "fidp" should be generated dynamically. So IS will direct the request to the correct authenticator.

If you have any queries please feel free to drop a comment. :)

Subscribe to RSS Feed Follow me on Twitter!