AngularJS + Jersey 2.x:SAML 2.0 SSO登录实施
[英]AngularJS + Jersey 2.x: SAML 2.0 SSO Login implementation
问题描述
1) Is it possible to do a SAML 2.0 SSO Interaction using an AngularJS 1.x SPA and Jersey 2.x backend web service api? 
1)是否可以使用AngularJS 1.x SPA和Jersey 2.x后端Web服务api进行SAML 2.0 SSO交互?
2) Has anyone done this before? 2)有人做过吗? I can't find too many examples. 我找不到太多的例子。
My thoughts: 我的想法:
It seems like I can have certain endpoints that will http-post the saml assertion, send it to the idp and listen for their return post/get. 似乎我可以具有某些端点,这些端点将http-发布saml断言,将其发送到idp并侦听它们的返回发布/获取。 Then I could redirect the client from their original login xaml style call. 然后,我可以从客户端的原始登录xaml样式调用重定向客户端。
1 个解决方案
解决方案1
0 2016-05-10 18:33:07
Sharing my experience. 分享我的经验。
- I have Spring-mvc + AngualrJs web application. 我有Spring-mvc + AngualrJs Web应用程序。
- Webapp is based on token authentication, written a Filter that checks authentication header. Webapp基于令牌身份验证,编写了用于检查身份验证标头的过滤器。
- Implemented SAML Authentication using spring-saml project. 使用spring-saml项目实施了SAML身份验证。
- Two main entity in SAM Authentication SP=ServiceProvider and IDP=IdentityProvider SAM身份验证中的两个主要实体SP = ServiceProvider和IDP = IdentityProvider
- I have shared my metadata or SP metadata to IDP & IDP share his metadata with me. 我已经将我的元数据或SP元数据共享给IDP,并且IDP与我共享了他的元数据。 for understanding communication protocol. 了解通信协议。
- After successful login from IDP, we read response and generate my application authentication cookies. 从IDP成功登录后,我们读取响应并生成我的应用程序身份验证cookie。
spring website for generating SP metadata : http://saml-federation.appspot.com/saml 用于生成SP元数据的Spring网站: http : //saml-federation.appspot.com/saml
Note: You can test SAML authentication implementation on public hosted IDP called as ssocircle SSOCircle IDP metadata URL: ssocircle-metadata 注意:您可以在称为ssocircle SSOCircle IDP元数据URL的公共托管IDP上测试SAML身份验证实现: ssocircle-metadata
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.