How to implement SAML SSO

Posted by A_M on Stack Overflow See other posts from Stack Overflow or by A_M
Published on 2009-04-30T09:38:52Z Indexed on 2010/05/15 3:04 UTC
Read the original article Hit count: 488

Filed under:

sso

|

web

|

security

|

java

|

saml

How is SAML SSO typically implemented?

I've read this about using SAML with Google Apps, and the wikipedia entry on SAML.

The wikipedia entry talks about responding with forms containing details of the SAMLRequest and SAMLResponse. Does this mean that the user has to physically submit the form in order to proceed with the single sign on?

The google entry talks about using redirects, which seems more seemless to me. However, it also talks about using a form for the response which the user must submit (although it does talk about using JavaScript to automatically submit the form).

Is this the standard way of doing this? Using redirects and JavaScript for form submission?

Does anyone know of any other good resources about how to go about implementing SSO between a Windows Domain and a J2EE web application. The web application is on a separate network/domain. My client wants to use CA Siteminder (with SAML).

© Stack Overflow or respective owner

Related posts about sso

SSO in Weblogic server

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Configuring Single Sign-On in Oracle Fusion Middleware ReferenceOracle Fusion Middleware Security OverviewOracle Fusion Middleware Security GuideOracle Fusion Middleware Securing Oracle WebLogic Server >>> More
Sharepoint SSO bulk creation of user accounts

as seen on Stack Overflow - Search for 'Stack Overflow'
Hopefully someone can help... I need to provide client with a solution to allow bulk creation of user accounts into SharePoint SSO. The client wants to provide an excel spreadsheet with accounts, usernames and passwords and have that created in the SSO database. I've been told its possible but… >>> More
Log in using Java where server's authentication could be sso or web applcation container's basic

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I have a situation where ideally I want to be able to log-in to a secure area using a Java application. I would like to make an HTTP request and check the response to see if I need to do some kind of authenication before I can actually get the response expected, instead of effectively some… >>> More
AuthnRequest Settings in OIF / SP

as seen on Oracle Blogs - Search for 'Oracle Blogs'
In this article, I will list the various OIF/SP settings that affect how an AuthnRequest message is created in OIF in a Federation SSO flow. The AuthnRequest message is used by an SP to start a Federation SSO operation and to indicate to the IdP how the operation should be executed: … >>> More
E-Business Integration with SSO using AccessGate

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Moving away from the legacy Oracle SSO, Oracle E-Business Suite (EBS) came up with EBS AccessGate as the way forward to provide Single Sign On with Oracle Access Manager (OAM). As opposed to AccessGate in OAM terminology, EBS AccessGate has no specific connection with OAM with respect to configuration… >>> More

Related posts about web

Why is Java EE 6 better than Spring ?

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Java EE 6 was released over 2 years ago and now there are 14 compliant application servers. In all my talks around the world, a question that is frequently asked is Why should I use Java EE 6 instead of Spring ? There are already several blogs covering that topic: Java EE… >>> More
Hosting a website on Heroku.... I know how to, but im running into problems!

as seen on Pro Webmasters - Search for 'Pro Webmasters'
I'm starting to learn more on the back-end scale of programing. Recently I started up Heroku for the second or third time. This time I actually installed the Git update to my Mac and installed Heroku in the terminal. I wanted to upload a static html site with the sinatra gem. Everything worked out… >>> More
Microsoft .NET Web Programming: Web Sites versus Web Applications

as seen on Samir ASP.NET with C# Technology - Search for 'Samir ASP.NET with C# Technology'
In .NET 2.0, Microsoft introduced the Web Site. This was the default way to create a web Project in Visual Studio 2005. In Visual Studio 2008, the Web Application has been restored as the default web Project in Visual Studio/.NET 3.x The Web Site is a file/folder based Project structure. It… >>> More
VS2008 - Unable to Add Web Reference to Web Application Project (The web services enumeration compon

as seen on Stack Overflow - Search for 'Stack Overflow'
I've run into a situation where I was unable to add a Web Reference in Visual Studio 2008 to a Web Application Project. The error I couldn't resolve was "The web services enumeration components are not available. You need to reinstall Visual Studio to add web references to your application." How… >>> More
Outlook Web Access: "Outlook Web Access has encountered a Web browsing error"

as seen on Super User - Search for 'Super User'
When one of my colleagues is accessing Outlook Web Access from IE, he frequently gets an error reported: "Outlook Web Access has encountered a Web browsing error". The error report includes the following: Client Information User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4… >>> More