SSO Spring Security and JSF

Question

Good day community:

I am currently developing projects with MyBatis, Spring Security and JSF 2.2.

I've done with these frameworks, 3 projects. These projects have three different database developed in SQL Server 2008.

Then, users of each database are the same, but they are in a Users table each, ie there is a table users per database.

What we have asked is that there can be only one single sign, and thus a user only has a single username and password.

How could make for these three systems are unified into single login? My current solution in which also I have problems is:

• Create a view in SQL Server 2008 users to bring me a central database and from there access is obtained.
• Create an authentication module, which at login, can see only those systems where the user has access; in this case, clicking on one of these systems, automatically enter without again login. I was thinking to login to web services.

I hope I can help with ideas or ways of solutions.

All users are retrieved from a database and systems can continue to increase, but henceforth depend on the database.

Greetings and thanks.

Answer 1

Have you come across the Spring SAML module before? This is Spring's implementation of SAML 2.0 authentication, designed specifically with single sign-on in mind.

One of your servers can act as the identity provider , which you can think of as the main system that the users access. They will enter their username and password into this system. The other two systems will need to be setup as service providers - when a user tries to access one of them, they do not enter their username and password. Instead, a request gets sent to your identity provider (main system), which receives and validates the request, and will then allow access if the user is signed in to the identity provider already. If they are not signed in already, it will re-direct them to the login page for the identity provider from which they can login, and will then be re-directed to the system they were attempting to access.

Sorry if that is confusing at all. Head over to here for more information about the Spring SAML module. I implemented SSO for one of my clients using this, and I can highly recommend it for ease of configuration and implementation.