One of the key features in WSO2 Identity Server is SAML2-based Single-Sign-On (SSO) feature. This implementation complies with the SAML2 Web Browser SSO profile and the Single Logout Profile.
Single Sign On (SSO) systems have become very popular since it is a very secure and convenient authentication mechanism. WSO2 Stratos and Google Apps can be taken as best examples for Single Sign On systems where users can automatically login to multiple web applications once they are authenticated at a one place using a single credential.
Security Assertian Markup Language (SAML) version 2.0 Profiles Specification defines a web browser based single sign on system. This article briefly explains the SAML 2.0 web browser-based SSO profile and guides you to build your own SAML 2.0 Assertions Consumer using the OpenSAML 2.2.3 Java library. This section helps you to understand how SAML 2.0 based SSO systems work and how to use WSO2 Identity Server as the Identity Provider in a SSO system.
Please visit the following pages to learn more on using SAML2-based SSO:
- Adding a Service Provider
- Deleting a Service Provider
- Working With SAML2 Based SSO
- Configuring Single Sign-On Across Different Carbon Servers
- Configuring SSO Session Timeout
- SAML2 IdP with SimpleSAMLphp Service Provider
- Enabling SSO for WSO2 Servers
- Single Sign-On Across Web Applications and Web Services
- Enabling SSO using OpenSSO as the IDP
Also see the sample Configuring SAML2 SSO.