Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Jetty SSO SAML
So is the normal setup with Apache using an add-on for SAML SSO, any recommendations on which are best?
And on the Jetty side would it be looking for a special HTTP header that the Apache side adds with the auth info. Or a cookie. Presumably encrypted? 

Thanks for the pointers to get me started down the right path.

Padraic



From: Cantor, Scott <cantor.2@xxxxxxx>
Subject: Re: [jetty-users] Jetty SSO SAML
Date: 2021-10-14 08:25 EDT
On 10/13/21, 6:00 PM, "jetty-users on behalf of Padraic Renaghan via jetty-users" <jetty-users-bounces@xxxxxxxxxxx on behalf of jetty-users@xxxxxxxxxxx> wrote:
Anyway, looking for pointers on setting up SAML SSO Single Sign-On with 
   Jetty.
The best option is Apache in front because that allows the use of more compliant and properly designed SAML SPs. The second best is probably pac4j as a solution, but there are no "standard" ways to do SAML in Java because there are no standard ways to do server-side web authentication in Java other than the worst one of all, which was JAAS (a desktop standard mis-applied to servers). 

-- Scott

Back to the top