Monday, March 14, 2016

Identity Patterns with the WSO2 Identity Server
Login to multiple service providers with the current Windows login session

Problem:
  • The business users need to login to multiple service providers supporting multiple heterogeneous identity federation protocols. 
  • Some service providers are on-premise while others are in the cloud. 
  • A user logs into his Windows machine and should be able to access any service provider without further authentication.
Solution:
  • Deploy WSO2 Identity Server over the enterprise active directory as the user store. 
  • Represent all the service providers in the WSO2 Identity Server and configure the corresponding inbound authenticator (SAML, OpenID, OIDC, WS-Federation). 
  • For each service provider, under local and outbound authentication configuration, enable IWA local authenticator. 
  • In each service provider, configure the WSO2 Identity Server as the trusted identity provider. For example, if Salesforce is a service provider, in Salesforce, add WSO2 Identity Server as a trusted identity provider. 
  • Products: WSO2 Identity Server 5.0.0+ 

0 comments: