I was using asp.net to create the web site by the way. Does anybody have experiences about this or making a third-part authentication SSO provider application?
Any idea would be appreciated.
Accepted Answer0Hi Merlin,
Here is a couple of cases that you can use to authenticate to SBM assuming that we are just taking an existing authentication to the portal and redirecting it to the SBM UI.
The portal is behind a proxy that requires authentication. Proxy sets a header on login and allows users to continue on to the portal. The user then clicks a link to open up SBM. Set SBM behind that same proxy so that SBM reads the header with the login id and logs the user in using SBM's SSO third party authentication (custom header).
The portal logs the user in with some sort of IDP, that is not a proxy, but sets a cookie or some other session variable for the user on login. Setup SBM so that its federation server URL redirects the user to the IDP server for login. For example, SBM's federation server url is https://sbmserver/idp/login, override this url to be https://idpserver/idp/login. Once the user logs in, a header is set and the url is proxied to SBM so that it hits the SBM IDP with a header set. User gets logged in using SBM's SSO third party authentication (custom header).
The portal uses and IDP that is SAML2 capable. Make SBM use that same IDP using SBM's SSO third party authentication (SAML2).
I hope this helps.
Accepted Answer0Hi David,
It seems Case 2 suit for me. However, I have some questions and need your help.
You said overriding federation url to https://idpserver/idp/login. My question is where is the setting that I can make that change in SBM. The second question is how SBM knows the user been authenticated. Is just preparing custom header enough? The last question is when I go to url http://localhost:8085/idp/ on my SBM Server, it is redirected to the url ‘https://hostname/idp/sso/saml’. Of course, there is no web server named ‘hostname’, and a page not fond is shown. It seems like there is setting incorrect. Do you know where is the setting.
Thanks for your help.