As part of project PicketLink Marcel Kolsteren, Seam Integration Lead, developed a module that allows developers to easily connect their seam application to external identity providers. The module supports SAML and OpenID. It also ships with an out-of-the box integration with SSOCircle. You will find a preconfigured saml-entities.xml file which includes the meta data for SSOCircle public IDP.
In his article External authentication example using SSOCircle he describes how to deploy the application, login via SSOCircle – either by choosing the IDP explicitly (see screen)
login page seam module
or by automatic redirection – and logout – either by local logout ( only from the seam application) or by global logout ( destroying the local session and the session at SSOCircle IDP).
Please note: if you need a private IDP to integrate with, check out our white label hosted IDP offering called IDPee. The private IDP has its own user database, can be customized to your branding and can be configured for several strong authentication methods. For more information: http://www.ssocircle.com/plans.shtml
We liked the comment he sent to us during his test work:
“I’m glad that SSOCircle exists … it’s very handy for developers and good promotion for SAML in general! For OpenID it’s very easy to find lots of free identity providers in the cloud, but for SAMLv2 SSOCircle seems to be unique.”
About PicketLink (Quote from http://www.jboss.org/picketlink )
PicketLink is an umbrella project that aims to address different Identity Management needs. PicketLink is an important project under the security offerings from JBoss and includes the following components:
- IDM: Provide an object model for managing Identities (Users/Groups/Roles) and associated behavior using different identity store backends like LDAP and RDBMS.
- Federated Identity: Support SAMLv2, WS-Trust and OpenID.
- AuthZ: Developer friendly authorization framework
- XACML: Oasis XACMLv2 implementation.
- Negotiation: Provide SPNego/Kerberos based Desktop SSO.
