I need to implement SSO for a legacy application built in java 1.6 and spring framework 3.1.2 using SAML2.0. I have already implemented SSO using SAML2.0 with the latest spring-boot. Is it possible to implement SSO without using springboot.
Spring is essentially a SAML client-side library.
There are others.
In the Java world, OpenSAML is a possible option.
Related
I am trying to use the itfoxtec-identity-saml2 code samples from Github to use as my ASP.NET client app to autenticate with Forgerock. But it seems the are no samples-code-documentation on this. Am I moving the wrong path?
Is itfoxtec-identity-saml2 even compatible with Forgerock SSO server?
ITfoxtec Identity Saml2 support SAML 2.0 and basically supports all IdPs which support SAML 2.0.
It looks like Forgerock SSO support SAML 2.0 in this guide: https://backstage.forgerock.com/docs/am/6.5/saml2-guide/
It looks
I have an asp.net web api and angularjs(1.4.x) app and planning to use Azure AD for authentication and single sign on feature. Most of the examples are using ADAL, which is deprecated as per Microsoft. Can anyone share some examples of what changes need to be done in Web api and AngularJS app?
Migrate ADAL.js to MSAL.js for Azure AD Authentication for AngularJS+ASP.NET Core application.
You could try #azure/msal-angularjs for AngularJS SPA
When migrating ADAL.js to MSAL.js, you need to use #azure/msal-angular that is based on Microsoft identity platform v2.0.
Below is the example using MSAL Angular and call a .NET Core web API.
Example : https://github.com/Azure-Samples/ms-identity-javascript-angular-tutorial/tree/main/3-Authorization-II/1-call-api
Reference Guide Based on SO Thread: https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-compare-msal-js-and-adal-js
https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-net-migration
I have implemented OAUTH 2.0 authentication with MSAL libraries as below.
clientApplication.getAuthorizationRequestUrl(parameters).toString(); to invoke authorization endpoint and
clientApplication.acquireToken(authorizationCodeParameters) to aquire token from authorization code.
Now I have to implement the same flow for SAML V2.0 protocol too and need some help from the Microsoft team in finding related libraries with which I can invoke /saml2/ endpoint and fetch saml assertions.
I'm using Spring boot 2.2.
Thanks in advance
There are no official Microsoft SAML libraries.
There is a list of client-side libraries.
I need to integrate a client application written with react and redux (spring boot backend) with WSO2 Single Sign-On (SAML 2.0) IDP
Do I need to make use of few node.js based packages such as "passport-saml" etc to achieve single sign-on with wso2 IDP?
Appreciate if you could share your thoughts/expertise/any reference links.
Thanks.
You can use OpenSAML(no longer maintained though) or a similar Java SAML assertion library for this.
Passport-js is specifically designed to work with nodejs. One way u could make use of passportJs is by implementing the authentication and authorization business logic of the application as a NodeJs based micro-service. AFAIK WSO2 IS works perfectly with passport-js.
We want our (struts 1.3) application to integrate with SAML through Okta SSO. I searched in Google but not seen any example. Please Advise me on "(struts 1.3) application to integrate with SAML through Okta SSO" and give some sample codes.
Thanks in Advance...
Okta has a relevant guide for integrating Spring Security SAML here: http://developer.okta.com/docs/guides/spring_security_saml.html
Spring also has some documentation on the topic: http://docs.spring.io/autorepo/docs/spring-security-saml/1.0.x-SNAPSHOT/reference/html/chapter-idp-guide.html#d5e1816
One way to approach this is to do an integration your Struts 1.3 app with Spring Security first. I have not done this integration myself - but there seems to be a few threads on this subject - if you search for "struts spring security"
How to integrate an old Struts application with Spring 3.x
https://spring3mvc.wordpress.com/2012/06/25/spring-security-with-struts-1-3/
http://classfoundexception.blogspot.com/2012/04/how-to-secure-struts-13-application.html
Afterwards, follow the guidance here - http://developer.okta.com/docs/guides/spring_security_saml.html - to SAML-enable your app. You will then configure an app instance in Okta to make Okta as the IDP of your application. I don't have anything more detailed than this as I haven't tried this myself - but hopefully, this will lead you down the right path.