I'm trying to implement SSO for Liferay and i want to use Simplesamlphp as an Identity provider and Liferay will be the Service Provider. I have redirected the sign In in Liferay to my Simplesamlphp site by adding auth.login.url=http://myloginappjcq.com in the portal-ext.properties file. But when i click on sign In it redirects to my website myloginappjcq.com. In my Website i have added a link to my Liferay site. There are links to other applications as well in my website which are built using PHP. When i click on these links the application will be authenticated with the username and password which was given during the time of login. But, When i click on the Liferay Link it is not authenticated and it shows the sign In Page again.
Is there a documentation which explains Liferay integration with SImplesamlphp.
Thanks
Related
We have a Java application running on Wildfly. We use the Redhat keycloak adapter to authenticate against Microsoft Azure via SAML2.
This works fine for users. For example, If a user opens the application
The keycloak saml2 adapter redirects the user to the Microsoft login page (https://login.microsoftonline.com/...) with the SAMLRequest.
The user can login with userid/password
And the user is redirected back to the wildfly app. The user is now authenticated in wildfly and a JSESSIONID is used for further requests as usual.
But how can I login programmatically? I have for example backend services which need to request data form the app. I already tried to implement a java RequestFilter but this works only until the point I get redirected to the Microsoft Login Page for users. This login page consists only of JavaScript (!) and I can not post my UserID/Password to get redirected back.
Does somebody knows how to do a Azure AD Login in java or with curl? Or is there any alternative URL for the Login not based on Javascript - maybe some Rest API?
I've been developing an WebAPI based application with token based authentication implemented and Using angularJs 1.6 as front-end. Requirement is to provide SSO for office365 without navigating user to microsoft login page for consent when user in signed in to application using login page of dashboard. Currently I'm not able to find any way to do that. Kindly guide me in accomplishing that. In my dashboard I'll provide link for any microsoft service. Let's say OutLook. When the user clicks on that link it will open up in new tab. I've been able to accomplish that using SMART LINKS. But for now user need to authenticate again on microsoft's login page.
Kindly help me in accomplishing SSO for that.
I have 2 sites using Azure AD B2c for authentication. One site is embedded in the other using an iFrame. Independently, auth works fine for each, but when inside an iframe, the site is unable to access the login page because it disallows iframes. I really just need SSO to work but I can't find any documentation on how to do this.
We already faced this topic and were not able to solve it directly.
Right now / during preview this is not supported.
You really have to put your sign in / sign up web pages into B2C custom templates (to have your desired look and feel) and forward to the respective policies from your web site.
how to use SSO in liferay portal if alfresco it is been integrated ?
Meanwhile i have to login in liferay portal and again login in alfresco portlet and alfresco it is been integrated in liferay portal ??
Image of Alfresco_Liferay
Alfresco in the Cloud has SAML integration that can use an SSO identity provider.
There is an enterprise SAML module for on-premise coming soon, or you can pay for consulting to get it earlier. Otherwise, perhaps you can do something with Alfresco External Authentication, and hook into an SSO solution that way.
See http://docs.alfresco.com/5.0/concepts/auth-intro.html
I have configured WSS with OpenID to enable FBA authentication. I have added a custom login page. Im able to authenticate using the OpenID account, however when i return back to the default.aspx page i get the 'Access Denied' page.
The Question is how can i tell WSS to allow OpenID authentication into the web application?
I have used the DotNetOpenId library.
I haven't integrated with WSS myself, but assuming you have it in FormsAuthentication mode, then the only other thing I think that could be blocking you would be that while you are logging the user in (with SetAuthCookie or RedirectFromLoginPage) you need to pass in the roles the user belongs to. If WSS is rigged to only invite users in the "WebUser" role, for example, be user to pass that into the login methods.
You can find out what roles are required and what your Authentication mode is from inspecting your WSS site's web.config file.
If you are using FBA you can add the openid account as an fba account. You can easily do this by using a custom login page. Here is a sample http://blog.xsolon.net/Posts/sharepointopenid.aspx