This discussion is archived
2 Replies Latest reply: Dec 7, 2011 10:19 PM by 796252 RSS

Integrating OpenAM with WebApplication

796252 Newbie
Currently Being Moderated
Hello,

I have a simple web application which authenticates users via username/password entries in the database. The webapplication lies within the enterprise network

Now we are trying to implement SSO using OpenAM, for this web application. OpenAM is deployed within the DMZ of enterprise.

I would like to continue to use the authentication already provided by the web application. I do not want to replicate the userName and Password combinations to the OpenAM datastore.

The scenario would be as follows

1. Enterprise user (within the network) access the web application via browser.
2. The request is redirected to openAM login page
3. OpenAM internally uses the web application authentication (which could be exposed as a webservice)
4. After authentication user can navigate to other web applications (like Salesforce) without needing to login again.


Question:
1. Should i implement a customized authentication using openAM as described @ http://openam.forgerock.org/doc/dev-guide/OpenAM-Dev-Guide/chap-auth-spi.html
Or
Should i implement a post authentication plugin using openAM as described @ http://openam.forgerock.org/doc/dev-guide/OpenAM-Dev-Guide/chap-post-auth.html

2. How do i manage to implement this using federated SSO. The link @ http://developers.sun.com/identity/reference/techart/app-integration.html provides integration pattern for delegated SSO


regards
Sameer

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points