Mar 19th, 2011, 04:36 PM
Integrate Single Sign On using Spring Security
I'm using Spring Security and I would like to use another site as one of my authentication providers. I have a basic form based login on my site. I want to have a link on my site that takes the user to an external site where they will login and that external site will then post a xml response back to me with data that I can verify to see if there was a successful login. Any help would be greatly appreciated!
How do you integrate that flow into Spring Security?
Once I get the response back, how would I auto log user on?
Mar 20th, 2011, 10:40 PM
I would stick to a standard Single Sign On Solution rather than trying to write your own. Spring Security supports CAS and OpenID as Single Sign On solutions. See the reference for details. There is an extension for SAML support, but it has not yet reached a major release. There is an extension for OAuth which is used by some sites as a means of performing SSO.