Virtual Providers (VPs) are very useful when we need to federate with external providers, but we don’t want to expose all these providers to our internal services. VPs are also used to enhance or adapt an external provider. For example, we can connect our SAML Service Providers with an external OpendID Connect Identity...

Introduction Normally, you will install an agent in each container that will host SSO partner applications. For example, if you have applications deployed on IIS and Apache, you will have to install an agent in each container. Agents are part of the Service Provider (partner application) runtime environment. The ISAPI...

This tutorial explains how to build, install, configure and deploy the JOSSO Agent for the Apache Httpd Web Server. The agent is implemented as an Apache module that intercepts HTTP requests to provide security context. In order to install the agent you must compile it using Apache development tools. You can modify the...

This guide will walk you through the steps to get a JOSSO agent up and running in a Weblogic execution environment. JOSSO agents follow a different versioning scheme than the server/distribution. Agent versions are currently 1.8.13 or 1.8.14, and are included in the server distribution. Integration Overview JOSSO’s...

Introduction This is a quick start for integrating a Tomcat Web application with JOSSO. JOSSO integration relies on an SSO agent component installed in the container. Atricore provides agents for a wide variety of platforms: All JEE Container: Tomcat, JBoss, Weblogic, Wepbsphere, Jetty, Liferay Apache Server 2.2...

This tutorial describes how to integrate JOSSO with a Directory server. User will be authenticated by JOSSO with an LDAP Bind (connection) to the server using the retrieved user credentials (user identifier and password). In order to use a Directory server as the identity source for user and role information, an LDAP...

OpenID Connect 1.0 (OIDC) is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner....