My project currently uses spring-security as follows:
- Has a webapp service provider (SP)
- SP uses LDAP as IdP, with username / password as auth tokens
- Has a Swing based fat client (FC) that accesses SP using SOAP/HTTP
- Has a REST client (RC) that accesses the SP using HTTP
- FC and RC both authenticate with SP via WSS using spring-security and basic authentication
I would like to enhance my project to support SAML2 SSO using spring-security-saml2-core and an external IdP such as ssocircle.com or onelogin.com, but I am not sure if it is possible and, if so, how. Specifically, I have the following questions:
- How to handle the Swing based fat client (FC) in the SSO scenario? How does it change to support SAML2 SSO?
- What would be the authentication mechanism between FC and SP? Would it still be WSS using spring-security?
TIA for any high level advice on how to support SAML2 SSO in my scenario.