- Single sign-on for Java/J2EE based web applications
- Single sign-on using Spring Security SAML Extension and role-based authentication using Spring Security
- Single sign-on Java
- Single sign-on for JSF based web applications
Before getting into the details of why we need OpenAM, let's go over some terminology. I will describe the terms in my own words, as the technical jargon took me a while to catch up on.
E.g., say your web application (SP) is at www.xyz.com/shopnow and your identity provider URL is www.myidp.com/openam; then you need to add both of these URLs to one circle of trust in OpenAM.
There could be a situation where you have to integrate more than one IDP with your SP. In that case you need another instance of OpenAM that can act as an IDP proxy.
So your configuration will look like:
SP (Your Java Web app) <===> IDP Proxy <=====> (IDP1, IDP2.....)
IDPProxy is an OpenAM instance.
IDP1, IDP2 are identity providers, which can be OpenAM or any SAML2-compliant IDPs.
Here is a link to some sample SAML requests and responses.
Don't panic, you will not create this XML yourself: OpenAM, the Spring SAML extension or Fedlet does the job for you.
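An added example (not from the original article or from OpenAM): a simplified Python model of what circle-of-trust membership means for the SP when a SAML response arrives, in both the direct and the IDP proxy layout. The entity IDs reuse the URLs above with an assumed https scheme, the proxy URL and the XML are constructed, and signature validation, which the real SAML stack performs, is left out.

```python
# Added illustration: simplified model of circle-of-trust membership checks.
# Entity IDs, the proxy URL and the sample XML are constructed for this example.
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"

SP = "https://www.xyz.com/shopnow"                  # assumed https scheme
IDP = "https://www.myidp.com/openam"                # assumed https scheme
IDP_PROXY = "https://idpproxy.example.com/openam"   # hypothetical proxy URL

# Direct layout: SP and IDP share one circle of trust.
DIRECT_COT = {SP, IDP}
# Proxy layout: the SP trusts only the proxy; IDP1, IDP2 live in the proxy's circle.
PROXY_COT = {SP, IDP_PROXY}

def sample_response(issuer, audience):
    """Build a constructed, unsigned SAML response skeleton."""
    return f"""<samlp:Response xmlns:samlp="{SAMLP_NS}" xmlns:saml="{SAML_NS}">
  <saml:Issuer>{issuer}</saml:Issuer>
  <saml:Assertion>
    <saml:Issuer>{issuer}</saml:Issuer>
    <saml:Conditions>
      <saml:AudienceRestriction>
        <saml:Audience>{audience}</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""

def check_trust(response_xml, my_entity_id, circle_of_trust):
    """Return (ok, reason) for the issuer and audience checks only."""
    root = ET.fromstring(response_xml)
    issuers = {e.text.strip() for e in root.iter(f"{{{SAML_NS}}}Issuer") if e.text}
    audiences = {e.text.strip() for e in root.iter(f"{{{SAML_NS}}}Audience") if e.text}
    if not issuers:
        return False, "no Issuer element"
    untrusted = issuers - circle_of_trust
    if untrusted:
        return False, "issuer not in circle of trust: " + ", ".join(sorted(untrusted))
    if my_entity_id not in audiences:
        return False, "assertion audience is not this SP"
    return True, "issuer trusted and audience matches"

if __name__ == "__main__":
    print(check_trust(sample_response(IDP, SP), SP, DIRECT_COT))
    print(check_trust(sample_response(IDP, SP), SP, PROXY_COT))
    print(check_trust(sample_response(IDP_PROXY, SP), SP, PROXY_COT))
```

In the proxy layout the SP rejects a response issued directly by an upstream IDP, because only the proxy is in the SP's circle of trust.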
In the next article I will explain how to install OpenAM as an IDP, how you can plug the Spring SAML extension and Spring Security into your web app to talk to OpenAM, and how to troubleshoot.
If you like my articles or have any suggestions, please leave a comment.