We want our (struts 1.3) application to integrate with SAML through Okta SSO. I searched in Google but not seen any example. Please Advise me on "(struts 1.3) application to integrate with SAML through Okta SSO" and give some sample codes.
Thanks in Advance...
Okta has a relevant guide for integrating Spring Security SAML here: http://developer.okta.com/docs/guides/spring_security_saml.html
Spring also has some documentation on the topic: http://docs.spring.io/autorepo/docs/spring-security-saml/1.0.x-SNAPSHOT/reference/html/chapter-idp-guide.html#d5e1816
One way to approach this is to do an integration your Struts 1.3 app with Spring Security first. I have not done this integration myself - but there seems to be a few threads on this subject - if you search for "struts spring security"
How to integrate an old Struts application with Spring 3.x
https://spring3mvc.wordpress.com/2012/06/25/spring-security-with-struts-1-3/
http://classfoundexception.blogspot.com/2012/04/how-to-secure-struts-13-application.html
Afterwards, follow the guidance here - http://developer.okta.com/docs/guides/spring_security_saml.html - to SAML-enable your app. You will then configure an app instance in Okta to make Okta as the IDP of your application. I don't have anything more detailed than this as I haven't tried this myself - but hopefully, this will lead you down the right path.
Related
I am trying to implement Azure saml sso with my angular web app.
I have deployed angular web app in azure and created a enterprise application(Azure saml toolkit).
I have assigned users in first step.
I couldn't find useful links or steps to configure Azure saml toolkit and not sure how to specify
Sign-in url,Assertion url and redirect url for my site in toolkit.
Any help is appreciated.
Did you see the instructions here?
All the details are in the SAML configuration pages when configuring SSO for the enterprise application.
I have my ReactJs application and I'm authenticating the users using Okta React SDK (https://github.com/okta/okta-react). This SDK is using OpenID and OAuth 2.0 to authenticate users. Now, I want to change the authentication flow from (OAuth 2.0) to (SAML 2.0) in my react application. So that user would authenticate from Okta using SAML2.0 flow instead of OAuth2.0.
For the backend, I’m using ruby on rails. I have gone through a number of blogs and documents But, looks like I am unable to find a way or examples where I get some help.
Is this possible, what I’m trying to achieve ?.
Looking forward to you guys, I’m really stuck in it.
The usual solution is in 2 layers:
Your React app uses Open Id Connect and you receive tokens with which APIs can be called. The code and tokens involved are JavaScript friendly.
Multiple login types can be supported - if you need to do a SAML login you configure Okta accordingly but do not need to change code in your UIs and APIs. You will want to avoid coding SAML yourself since it is not a web friendly technology.
So the direction should be to point Okta to a SAML identity provider and perform a federated login. If useful my blog post has further info on the general approach.
i'm working on a project developed on SPRING MVC FRAMEWORK VERSION 4 and I need to integrate it with AZURE AD for SSO authentication. Would really appreciate if anyone could provide some documentation or something which covers all the points from authenticate to redirecting the user to homepage after the authentication and all that.
Regarding Azure AD Integration kindly get the entire detailed information from the below document.
I need to integrate a client application written with react and redux (spring boot backend) with WSO2 Single Sign-On (SAML 2.0) IDP
Do I need to make use of few node.js based packages such as "passport-saml" etc to achieve single sign-on with wso2 IDP?
Appreciate if you could share your thoughts/expertise/any reference links.
Thanks.
You can use OpenSAML(no longer maintained though) or a similar Java SAML assertion library for this.
Passport-js is specifically designed to work with nodejs. One way u could make use of passportJs is by implementing the authentication and authorization business logic of the application as a NodeJs based micro-service. AFAIK WSO2 IS works perfectly with passport-js.
Any help, advice and experience is welcome.
Im currently having a separate AngularJS SPA on a Apache HTTP Server and a Spring Backend on a Tomcat 7 Servlet. The backend serves as a Rest API for the SPA.
Some rest resources will require a user to have a certain role.
I've been searching the internet for days on what and how to implement the best security strategy:
Basic Auth
Digest
oAuth
Stateless, Cookies? Sessions? Tokens? CSRF?
How would you go about communicating Spring Security in Json or XML to your SPA to show the user an authentication page or an "your successfully authenticated page"?
Any help is appreciated.
I finally figured out how to make the SPA authenticate with my Rest Backend.
In spring security I created a
Custom SimpleUrlAuthenticationFailureHandler which returns a HTTP-Unauthorizated if a login attempt fails.
Custom SavedrequestAwareAuthenticationSuccessHandler which returns Http-Oke if a login attempt is successful.
Custom AuthenticationEntryPoint which returns Http-Unauthorizated instead of a redirect.
Custom LogoutSuccessHandler which returns Http-OK.
I disabled CSRF.
If anyone needs more help feel free to let me know or message me.
I highly recommend watching this Spring's introductory video. It explains usage of Spring Security from ground up using Java configuration. Apart basic configuration, authentication and CLRF token usage also dive into field security. Uses templating on server with Thymeleaf though, but can provide a lot of wisdom for REST based app also.