Managing Single Sign-On

One of the key features in WSO2 Identity Server is SAML2-based Single-Sign-On (SSO) feature. This implementation complies with the SAML2 Web Browser SSO profile and the Single Logout Profile.

Single Sign On (SSO) systems have become very popular since it is a very secure and convenient authentication mechanism. WSO2 Stratos and Google Apps can be taken as best examples for Single Sign On systems where users can automatically login to multiple web applications once they are authenticated at a one place using a single credential.

Security Assertian Markup Language (SAML) version 2.0 Profiles Specification defines a web browser based single sign on system. This article briefly explains the SAML 2.0 web browser-based SSO profile and guides you to build your own SAML 2.0 Assertions Consumer using the OpenSAML 2.2.3 Java library. This section helps you to understand how SAML 2.0 based SSO systems work and how to use WSO2 Identity Server as the Identity Provider in a SSO system.

Please visit the following pages to learn more on using SAML2-based SSO:

• Adding a Service Provider
• Configuring Single Sign-On Across Different Carbon Servers
• Deleting a Service Provider
• Setting Up SAML2 Based SSO
• SAML2 IdP with SimpleSAMLphp Service Provider
• Enabling SSO for WSO2 Servers
• Single Sign-On Across Web Applications and Web Services
• Decentralized Federated SAML2 IdPs