This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Demonstrating SSO between Web Applications
- Former user (Deleted)
Introduction
This sample uses two Web applications, which have their own login pages to authenticate a user. Once these Web applications are published through the App Manager, it will authenticate the user and return a JWT token created with user claims, which are taken from the user profile, and send them to the backend Web application. Web applications are written in a way to process the JWT token and authenticate the user. If JWT header is not available in the request, it will redirect the Web application to its login page.
Prerequisites
Download WSO2 App Manager, and start the server.
- Start the Web server (e.g. Apache Tomcat)
Building the sample
Follow the steps below to build the apps for this sample.
Building the Plan Your Trip app
Follow the steps below to build the Plan Your Trip app. Alternatively, you can build the sample app by building the product source. Follow the steps below to download the source and build the app.plan-your-trip.war file).plan-your-trip.war file to <TOMCAT_HOME>/webapps/ directory, to host the file in the Web server.Building from source
$ git clone https://github.com/wso2/product-app-manager/
product-app-manager/web_apps/plan-your-trip/ directory from the CLI, and build the source using the command: mvn clean installplan-your-trip/target/plan-your-trip.war file to <TOMCAT_HOME>/webapps/ directory, to host the file in the Web server.
Building the Travel Booking app
Follow the steps below to build the Travel booking app. Alternatively, you can build the app by building the product source. Follow the steps below to download the source and build the app.travel-booking-1.0.war file).travel-booking-1.0.war file to <TOMCAT_HOME>/webapps/ directory, to host the file in the Web server.Building from source
$ git clone https://github.com/wso2/product-app-manager/
<travel-booking>/Travel/ directory from the CLI, and build the source using the command: mvn clean install<travel-booking>/Travel/target/ travel-booking-1.0.war file to <TOMCAT_HOME>/webapps/ directory, to host the file in the Web server.
Executing the sample
Follow the below steps to execute the sample.
When setting up the two Web apps for the sample using the instructions given below, do not access it from the Web browser using the Gateway Endpoint URL.
- Set up the Plan Your Trip Web app using the App Publisher. For instructions on how to setup, publish and subscribe to the Plan Your Trip Web app, see Demonstrating JSON Web Token (JWT) Usage - Plan Your Trip App.
Set up the Travel Booking app using the App Publisher. For instructions on how to setup, publish and subscribe to the Travel Booking Web app, see Demonstrating JSON Web Token (JWT) Usage - Travel Booking App
Testing SSO
You can access any number of applications through the same Web browser using a single login through SSO. Follow the below steps to test single sign-on after setting the two Web apps.
- Access one Web application by entering the endpoint gateway URL as shown below.
This will redirect you to the IDP login page, since still we are not logged in. Once you provide the correct credentials, it will redirect you to the Web application. - Access the second Web application also by entering the endpoint gateway URL of it as shown below in the same browser.
This will directly redirect you to the Web application without giving the IDP login page. This is because you are already authenticated to one application using SAML SSO.