Glassfish 4.1 与 Salesforce SSO over SAML

Question

I hope you're doing well.

I'm facing some issues migrating applications from Weblogic to Glassfish 4.1 and, I'm quite new with the Glassfish server.

I will try to explain what I'm doing and what I've found so far on googling.

There are some applications in Weblogic server that are set up to use SSO (SAML with Salesforce as Identity Provider), and Weblogic provides an easy out-of-the-box configuration to do that and I need to do the same but in Glassfish.

By my researches I found out that Glassfish provides SSO for the applications deployed on the same Virtual Server and doesn't have any configuration related to Third Parties for using SSO over SAML and, I should use tools like OpenAM, Shibboleth or similar as Service Provider and they must be deployed on Apache Tomcat.

I found the following discussion in the stackoverflow but is quite old (9 years ago): OpenSSO/OpenAM alternatives

Also, I found another link related to Glassfish + Salesforce but is quite old as well (from 2012): SSO using SAML2 updated document

So, my questions are:

1 - My applications are deployed in Glassfish, and I'd like to know what's the best approach or alternatives to set up SSO with Salesforce as Identity Provider over SAML (could be free and paid)?

2 - Is there any external tool that I can install/deploy in Glassfish instead of Apache Tomcat to configure the SSO over SAML?

I really appreciate any help.

Thank you.

Answer 1

You could use a Java library that acts as a SAML SP, no need for a full-blown SP implemetation as OpenAM for Shibboleth. Most of those libraries are acting as JEE servlet filter, so it should not be a big deal to extend your application.