
Build Custom SSO with SAML

Question:

<strong>Updated:</strong> Thanks for responding to my post. I am very sorry, as of today these were the requirement details. However, I can elaborate more on what I understand. I have some idea of WIF, where I can write my own STS, RP and publish policies.

Couple of queries here. Do we need to have an IdP, and should we connect the STS to the IdP? If not, can we go without an IdP? I will have to use claims-based authentication and federated identity mgmt in the application. We do not depend on AD/LDAP integration.

The important requirements are as follows. 1) We allow customers to do self-registration who are direct users of this portal-M, and the other set of users come from partner-X, where the company claims are verified using SAML Req/Resp to access portal-M. 2) Once the direct user or user-through-partner-X enters portal-M, he/she should get access to another portal-N of partner-Y by sending a SAML request in a similar fashion.

I have provided as many details as I know, since I am new to this technology of SSO/FIdM.

I would be happy to provide more information, if needed.

<strong>Original</strong> I have got a complex task to build a solution of externalized SSO with SAML that would be used by customers of different partners over the web. The constraints are to build IdP/STS/Issuers/RP/Trusts/Policies with no open source or commercial product support, choosing specific technology platforms such as Microsoft and/or J2EE.

On top of these, the IdP must use an in-house custom data store available on SQL Server and Oracle.

Your ideas are appreciated, and thanks in advance.

Answer1:

So you want to implement a SAML stack without using any commercial or open source software?

That is a HUGE amount of work and you will need to spend a non-trivial amount of time getting your head around SAML.

In terms of a DB as your Identity repository, refer: <a href="https://github.com/thinktecture" rel="nofollow">Thinktecture IdentityServer</a>.

In terms of SAML stacks, refer: <a href="http://nzpcmad.blogspot.co.nz/2013/06/saml-saml-stack.html" rel="nofollow">SAML : A SAML stack </a>.
