Enabling SSO on custom ADF application
What is Single Sign On?
Single sign-on (SSO) is an authentication method that lets a user access multiple sites with one set of credentials.
Single sign-on works on a trust relationship established between a website, known as the service provider, and an identity provider. This trust is built on certificates that are exchanged between the service provider and the identity provider. The certificate is usually used to sign the identity information that is sent from the identity provider to the service provider, so that the service provider knows it comes from a trusted source. In SSO, this identity data takes the form of tokens that contain identifying data about the user, such as the user’s email address or user name.
The login flow usually looks like this:
1. A user browses to the website they need access to, i.e. the Service Provider.
2. The Service Provider sends a token that contains some information about the user, like their email address, to the Identity Provider, as part of a request to authenticate the user.
3. The Identity Provider first checks whether the user has already been authenticated, in which case it will grant the user access to the Service Provider application and skip to step 5.
4. If the user hasn’t logged in, they will be prompted to do so by providing the credentials required by the Identity Provider.
5. Once the Identity Provider validates the credentials provided, it will send a token back to the Service Provider confirming a successful authentication.
6. This token is passed through the user’s browser to the Service Provider.
7. The token that’s received by the Service Provider is validated according to the trust relationship that was set up between the Service Provider and the Identity Provider.
8. The user is granted access to the Service Provider.
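The Service Provider's validation of the returned token can be sketched in Java as follows. This is an added example, not code from the original article or from Oracle ADF: the `payload.signature` token format, the class and method names, and the sample email addresses are constructed for illustration, and a freshly generated RSA key pair stands in for the Identity Provider's certificate.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;
public class SsoTokenDemo {
    static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();
    // Identity Provider: sign the identity data with the IdP's private key.
    static String issue(String claims, PrivateKey idpKey) throws GeneralSecurityException {
        byte[] body = claims.getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(idpKey);
        signer.update(body);
        return ENC.encodeToString(body) + "." + ENC.encodeToString(signer.sign());
    }

    // Service Provider: accept only tokens whose signature verifies against the trusted IdP public key.
    static String validate(String token, PublicKey trustedIdpKey) throws GeneralSecurityException {
        String[] parts = token.split("\\.");
        if (parts.length != 2) throw new SignatureException("malformed token");
        byte[] body, sig;
        try {
            body = Base64.getUrlDecoder().decode(parts[0]);
            sig = Base64.getUrlDecoder().decode(parts[1]);
        } catch (IllegalArgumentException e) {
            throw new SignatureException("malformed token");
        }
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(trustedIdpKey);
        verifier.update(body);
        if (!verifier.verify(sig)) throw new SignatureException("not signed by the trusted IdP");
        return new String(body, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair idp = gen.generateKeyPair(); // constructed stand-in for the IdP certificate key pair
        String good = issue("email=user@example.com", idp.getPrivate()); // constructed sample identity
        String edited = ENC.encodeToString("email=other@example.com".getBytes(StandardCharsets.UTF_8))
                + good.substring(good.indexOf('.')); // body changed, original signature kept
        String wrongKey = issue("email=user@example.com", gen.generateKeyPair().getPrivate()); // key the SP never trusted
        for (String token : new String[] {good, edited, wrongKey}) {
            try {
                System.out.println("accepted: " + validate(token, idp.getPublic()));
            } catch (SignatureException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

Only the first token is accepted. The one whose body was changed after signing and the one signed with a key outside the trust relationship are both rejected before any identity data is used.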
Priya Garg works with Trinamix Inc. as a Technical Consultant, with good experience in Oracle ADF and Oracle PaaS, and knowledge of OIC, Oracle Visual Builder and WebLogic Server.