We have a webspeed application that houses many clients and they typically login via a login page with a userid and password and they have access to their information only. We have been tasked by one of our clients to provide their users with a SSO option. They use ADFS. How can we incorporate this into our system? What are the steps? Does anyone have examples? Do we need to purchase additional software? Please help!!!
If you enable ADFS, you should see AUTH_TYPE is set to "Federation" and REMOTE_USER set to domain\user.
Let me clarify a little more. This is a website where you login and based on your login the website displays your company information, your company colors, logos, items they have access to, etc. 99.9% of our clients create a userid and password and login to our website with those credentials. We have a client that doesn't want their users to create a userid and password, but rather be passed to us via SSO and specifically ADFS. How can we maintain our existing login page while offering this one client to bypass the login page and go straight into our web site using ADFS SSO? Has anyone had experience with this? We use OE 11.7 with Webspeed.
You will need an /extra/ virtual directory or so that accepts ADFS - simply by being ADFS, the CGI variables AUTH_TYPE and REMOTE_USER will be populated.
Stefan, We are really green on SSO. How do you 1. enable ADFS and 2. even if we setup a virtual directory what else do we need to do. I'm sure we have to write some type of code. Again, sorry for all the questions but we have never done this. We are looking for a step-by-step process on how to do this. Do you have anything that could help us? Thanks!
Google is your friend.
https://kb.itglue.com/hc/en-us/articles/227391067-Configuring-single-sign-on-SSO-with-ADFS
Update from Progress Community
phil.burling@spihq.com Stefan, We are really green on SSO. How do you 1. enable ADFS and 2. even if we setup a virtual directory what else do we need to do. I'm sure we have to write some type of code. Again, sorry for all the questions but we have never done this. We are looking for a step-by-step process on how to do this. Do you have anything that could help us? Thanks!
View online
You received this notification because you subscribed to the forum. To unsubscribe from only this thread, go here.
Flag this post as spam/abuse.
Yes, you enable ADFS (never done it myself, but it should be as easy as plugging some identity provider into IIS) so that you have authentication on a virtual application / directory.
Then you adjust your login code to check AUTH_TYPE (this is a shared variable provided by WebSpeed which will have the value "Federated"). If you have a Federated login, you check REMOTE_USER (another shared variable provided by WebSpeed) and additionally you may want to check if the domain of this user matches a domain for which you allow SSO. If all is ok then you populate whatever you set whatever you do to signal a correct login (cookies, session) and skip past the login page.
You might be better of using the classroom edition. That one is easy to install (no questions asked) and to use.
