Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

SAML  RSS feed

 
Balaji Soundarajan
Ranch Hand
Posts: 59
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

I am new to SAML and web service.
I need to implement SSO in our application through SAML. Can any one please explain how to achieve this with basic flow (step by step)

Thanks in advance.

Regards,
-Balaji.S
 
Ivan Krizsan
Ranch Hand
Posts: 2198
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi!
SAML is, as the name implies, a language (Security Assertion Markup Language). You need some tool that uses this language, in order to implement SSO in your own application in a reasonable amount of time.
I would recommend you to take a look at one or more of the following:
Shibboleth, an open source SSO solution based on SAML: http://shibboleth.internet2.edu/
Oracle OpenSSO (formerly Sun Java System Access Manager): http://www.oracle.com/technetwork/testcontent/opensso-091890.html
JBoss SSO: http://www.jboss.org/jbosssso
Best wishes!
 
Sid Sidner
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
We (Ping Identity) have tons of information about SAML in the Knowledge Center tab on our Web site, pingidentity.com.

We have a Java integration kit that makes it easy to federate directly from a Java Web app, using a simple API. Lots of source code and sample apps are included for both the identity provider role and the service provider role. This makes it easy to understand the SAML protocol flow for browser SSO and for WS-Security. You can download a copy of the PingFederate server and the integration kit and get a 30-day license, all for free. So even if you have no interest in purchasing our product, you can still learn about SAML. Working through our Getting Started doc and the sample apps from the Java integration kit are in fact how I learned SAML.

If you are looking for code, you can find open-source code at sourceid.org.

Helpful product plug: If you are doing this for your own edification, go for it. If you are doing it for business purposes, consider our product, PingFederate. It is almost always cheaper than the cost and aggravation of rolling your own. And we can usually help you get your first connection working in 2 hours. We didn't invent SAML federation, but we have certainly perfected it.

 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!