Menu
I'd like to write a web application which does the authentication using SAML 2.0 tokens, issued by an identity provider. I understand, according to this question, that there is a viable solution in the PHP world using simpleSAMLphp.
Is there an equivalent method in the Java world? Are there out of the box solutions and/or tutorials for common servlet containers or application servers?
865
SAML 2.0 was introduced in 2005 and remains the current version of the standard. The previous version, 1.1, is now largely deprecated.
SAML 2.0 (Security Assertion Markup Language) is an open standard created to provide cross-domain single sign-on (SSO). In other words, it allows a user to authenticate in a system and gain access to another system by providing proof of their authentication.
SAML errors usually occur when there's missing or incorrect information entered during your SAML setup. You can resolve most of these issues from your IDP settings, but for some, you'll need to update your SSO settings in Slack as well.
You can try the OpenSAML project; it provides a Java library for creating and validating SAML tokens.
165
You could take a look at 2 products:
Both have a rather impressive features list and offer a wide list of SSO agents.
The main benefit of the agent approach is that you don't have to care in your application about the authentication process as it is handled by the agent and the SSO infrastructure.
If you're going to develop your own SAML2 Service Provider, using OpenSAML is the way to go. The downside is that this library is not that well documented. Nevertheless you should find easily some tutorials on OpenSAML on the web.
You could implement it for example as a servlet filter, so that your application code is not tied to SAML.
31
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
