Alfresco Community SSO with SAML

0
votes

My requirement is to Configure Alfresco for Single Sign On through SAML.

I found that there is no SAML support in Alfresco Community Edition. So I am planing to create custom Authentication Subsystem that can provide SAML SSO.

I have taken look at External Authentication Subsystem of Alfresco which provides SSO by fetching username from the request header.

So I am looking for the way to accept the response coming from SAML Identity Provider in custom Authentication Subsystem to validate identity of the user.

1
authenticationsingle-sign-onalfrescosaml
Hi - were you successful in achieving this? Would love to see your solution. Thanks.Vipul Swarup

1 Answers

2
votes

The easiest approach would be to have a proxy in front of Alfresco (apache httpd e.g.) that has a default saml module to validate the identity. SimpleSAML, Shibolleth, ... You can than easily pass a header (or anything else for that matter) to Alfresco that will except the user.

I do not have an example of the exact configuration, but this will help you on the way: https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApacheConfig