How to implement OpenAM SSO in my existing web applications


Solution 1

Now that an OpenAM agent is in place on top of your app, your web app can work under the assumption that there is already a valid logged-in user - you need to remove the login page from your web app.

To get the current user details just alter your OpenAM agent config to set HTTP headers with relevant fields like username, full name, etc. Then instead of a web app login page you just check HTTP headers (should be safe from spoofing as long as the only route into your web app is coming through the OpenAM agent).

Another way is to grab the OpenAM cookie and use it to make REST calls directly to the server. Makes things a little more fragile though because you now need to maintain additional config.

You don't necessarily need any additional user tables / datastores for your web app, only if you need to map their login name to whatever it is your web app is doing (saving preferences, etc) in which case you need to check that the username you've been given already exists inside your app. If not then add it.
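
The header check and first-visit provisioning described in this answer, as an added example that is not part of the original answer or of OpenAM itself. The header name `X-SSO-Username`, the agent address `10.0.0.5` and the in-memory user map are assumptions standing in for your agent's header mapping, the address the agent forwards from, and your app's user table.

```java
import java.util.*;
import java.util.regex.Pattern;

// Added example: accept agent-set identity headers only from the agent's address.
public class AgentHeaderLogin {
    // Assumptions: the header name is whatever you mapped in the agent config,
    // and the agent forwards requests to the app from this address.
    static final String USER_HEADER = "X-SSO-Username";        // hypothetical name
    static final Set<String> AGENT_ADDRS = Set.of("10.0.0.5"); // constructed value
    static final Pattern VALID_USER = Pattern.compile("[A-Za-z0-9._@-]{1,64}");

    // Stand-in for the app's own user table (preferences and so on).
    static final Map<String, Map<String, String>> localUsers = new HashMap<>();

    /** Returns the authenticated username, or empty if the request must be rejected. */
    static Optional<String> resolveUser(String remoteAddr, Map<String, List<String>> headers) {
        // 1. The header means something only if the peer is the agent;
        //    any other client can send the same header itself.
        if (!AGENT_ADDRS.contains(remoteAddr)) return Optional.empty();
        // 2. Header names are case-insensitive; collect every value that was sent.
        List<String> values = new ArrayList<>();
        headers.forEach((name, vals) -> {
            if (name.equalsIgnoreCase(USER_HEADER)) values.addAll(vals);
        });
        // 3. Require exactly one well-formed value; a second value means a
        //    client-supplied copy was not stripped on the way in.
        if (values.size() != 1 || !VALID_USER.matcher(values.get(0)).matches()) {
            return Optional.empty();
        }
        String user = values.get(0);
        // 4. First visit: create the local record instead of showing a login page.
        localUsers.computeIfAbsent(user, u -> new HashMap<>());
        return Optional.of(user);
    }

    public static void main(String[] args) {
        // Constructed requests: peer address plus request headers.
        Map<String, List<String>> ok = Map.of("x-sso-username", List.of("alice"));
        Map<String, List<String>> dup = Map.of("X-SSO-Username", List.of("alice", "admin"));
        System.out.println("via agent:     " + resolveUser("10.0.0.5", ok));
        System.out.println("direct client: " + resolveUser("203.0.113.9", ok));
        System.out.println("two values:    " + resolveUser("10.0.0.5", dup));
        System.out.println("no header:     " + resolveUser("10.0.0.5", Map.of()));
        System.out.println("local users:   " + localUsers.keySet());
    }
}
```

In a servlet filter the same method would be fed `request.getRemoteAddr()` and the values from `request.getHeaders(USER_HEADER)`, returning a 401 or 403 when the result is empty.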

Solution 2

We were able to implement single sign-on using OpenAM with a JSF web application, using the Spring SAML extension and OpenAM. Instead of an agent we used a Fedlet; that way we can port to any application server.

Please see my articles for generic info related to OpenAM concepts: http://reddymails.blogspot.com/2013/03/sso-for-java-or-net-web-based.html

Steps to integrate JSF 2 web application with Openam using Spring SAML extension and Spring Security. http://reddymails.blogspot.com/2013/06/integrating-jsf-web-applicataion-with.html

-Ram

Author by

AKZap


Updated on June 23, 2022

Comments

  • AKZap
    AKZap almost 2 years

    I'm trying to implement SSO in my existing web applications using OpenAM by referring to the following link

    http://fczaja.blogspot.com/2012/06/idp-initiated-sso-and-identity_21.html

    P.S. My web applications have their own login page already.

    Now what I've got after implementation is: the OpenAM login page is protected in my web applications and I need to log in again to my application.

    What I need is to skip the login page of my application so that it becomes single sign-on.

    So, can anyone tell me what tasks I have left to do? Do I need to revise the login page of my application? Do I need any database or datastore to keep user login information?