SSO

Note

Single sign-on (SSO) is a property of access control of multiple related, yet independent, software systems. With this property, a user logs in with a single ID and password to gain access to a connected system or systems without using different user names or passwords, or, in some configurations, is seamlessly signed on at each system. For more information, see https://en.wikipedia.org/wiki/Single_sign-on.

[%=TransactVariables.Manager%] comes with the generic SSO , which is intended as a template to implement any SSO provider. This means that you are expected to make significant configuration changes to your new [%=TransactVariables.SecurityManagerLowCase%] before you can start using it for user authentication and authorization. This generic implementation allows the configuration of SAML-based SSO for integrating it with other SSO implementations such as CA Single Sign-On (SiteMinder).

Note

You should use this as a template to implement SSO for your proxy-based SAML or header-based application. If you need a ready-to-use SSO , refer to OAuth2 SSO Security Manager.

We recommend that you check the Federation Services (SSO) Sequence Diagram below to understand how Microsoft ADFS SSO works.

However, the key difference between the Microsoft ADFS and the SSO is just the Groovy script templates; under the covers, both types make use of the same Java classes.

Note

You do not need to configure the SSO Revalidation and the Certificates for the SSO .

To configure the SSO :

  1. Configure the 's settings.
  2. Assign one or several form spaces to this .
  3. Configure s.
  4. Configure the parameters.
  5. Configure SSO Get Auth Token to define a Groovy script that implements a specific provider.
  6. Configure SSO Auth OK Response to define a Groovy script that implements a specific provider.
  7. Verify you can log on to a secure page from .

Next, learn how to configure the OAuth2 SSO [%=TransactVariables.SecurityManagerLowCase%].