Reputation: 1340
I have a requirement where I need to do cross-domain SSO using OpenAM. The SP server has a different cookie than the IDP. I need to access the IDP cookie to retrieve the IDP datastore user details. The SP uses an anonymous user.
Upvotes: 0
Views: 2873
Reputation: 1340
I managed to implement the cross-domain SSO using the REST API of OpenAM. The OpenAM authentication call returns a tokenId on successful login. This I stored and shared between all domains and it worked.
Upvotes: 0
Reputation: 165
I implemented a cross-domain solution using the instructions present in this tutorial: http://fczaja.blogspot.com/2012/06/idp-initiated-sso-and-identity.html
Please go through it and see if it is helpful for you as well. Thanks.
Upvotes: 1
Reputation: 2744
IdP and SP are terms of standards-based SSO using federation protocols like those defined in the SAML standard. SAML does not rely on cookies as an SSO tracking mechanism (except for IdP discovery).
OpenAM's proprietary SSO mechanism relies on cookies.
If you mean by 'SP' a web app protected by an OpenAM agent (URL or policy agent), then you have to configure the agent to run in so-called CDSSO mode.
Unfortunately it's not really clear what you want to achieve.
You may look at the tech overview from OpenSSO (http://docs.oracle.com/cd/E19681-01/820-3740/index.html) first, as OpenAM does not have such a doc yet.
Upvotes: 1