Thursday 15 April 2010

Spring SAML - IdP-initiated SSO




I am using the Spring SAML implementation, acting as an SP (e.g. alpha). I am able to execute SP-initiated SSO and am able to authenticate the user with the IdP. There are no issues in the implementation.

But within the application, I need to access an SP (e.g. beta) URL linked to the same IdP. Both the alpha and beta service providers are trusted by the same IdP. In this scenario, after alpha authenticates the user with the IdP through SP-initiated SSO, I am being asked to enter credentials once again when the redirect happens to the beta SP URL. I understand that the SPs carry different sessions.

How can I enable login in the beta SP with the same SAMLCredential authenticated through the alpha SP? After going through a few documents, I see that it is possible through IdP-initiated SSO.

Can anyone tell me how to configure the application to be able to handle both SP-initiated SSO and IdP-initiated SSO?

The alpha SP is Shibboleth, and the other SP is EZproxy.

This seems to be a problem with the IdP.

You should include an ordinary link on alpha that points to beta. When the user reaches beta and doesn't have an active session, it should initialize single sign-on with the IdP (just as alpha did), and the IdP should re-use the existing session (which should be present after authentication at alpha) and not ask for additional credentials. You shouldn't need to create any additional steps on alpha.

Typically there's no need for any special/additional configuration in order to enable IdP-initialized SSO - when SP-initialized SSO works, IdP-initialized typically works as well.
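To check what beta actually sends to the IdP when it starts single sign-on, this added example (not part of the original question or answer) decodes a captured HTTP-Redirect AuthnRequest and reports `ForceAuthn`, the SAML 2.0 attribute that tells the IdP to re-authenticate the user instead of relying on its existing session. The `example.org` hosts, the entity ID and the sample request are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlparse, parse_qs, urlencode

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"

def decode_redirect_request(url, max_len=65536):
    """Decode SAMLRequest from an HTTP-Redirect binding URL into XML bytes."""
    query = parse_qs(urlparse(url).query)
    raw = base64.b64decode(query["SAMLRequest"][0])
    # The redirect binding uses raw DEFLATE (no zlib header): wbits=-15.
    inflater = zlib.decompressobj(-15)
    xml = inflater.decompress(raw, max_len)
    if inflater.unconsumed_tail:
        raise ValueError("SAMLRequest inflates past the size limit")
    if b"<!DOCTYPE" in xml:
        raise ValueError("DTD in SAML message refused")
    return xml

def inspect_authn_request(url):
    """Report the fields that decide whether the IdP may reuse its session."""
    root = ET.fromstring(decode_redirect_request(url))
    if root.tag != f"{{{SAMLP}}}AuthnRequest":
        raise ValueError("not a SAML 2.0 AuthnRequest: " + root.tag)
    def flag(name):  # xs:boolean attribute; absent means false
        return root.get(name, "false").strip().lower() in ("true", "1")
    return {
        "issuer": root.findtext(f"{{{SAML}}}Issuer"),
        "force_authn": flag("ForceAuthn"),
        "is_passive": flag("IsPassive"),
        "idp_may_reuse_session": not flag("ForceAuthn"),
    }

def build_sample_url(force_authn):
    """Constructed sample request; hosts and entity ID are hypothetical."""
    xml = (f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" '
           f'ID="_constructed" Version="2.0" ForceAuthn="{force_authn}">'
           '<saml:Issuer>https://beta.example.org/sp</saml:Issuer>'
           '</samlp:AuthnRequest>')
    deflater = zlib.compressobj(wbits=-15)
    data = deflater.compress(xml.encode()) + deflater.flush()
    return "https://idp.example.org/sso?" + urlencode(
        {"SAMLRequest": base64.b64encode(data).decode()})

if __name__ == "__main__":
    print(inspect_authn_request(build_sample_url("true")))
```

If `force_authn` is false and the IdP still prompts, the request is not the cause and the IdP's own session handling is the place to look.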

spring spring-mvc single-sign-on saml-2.0 spring-saml
