具有SSO（SAML）和ADFS的Java应用程序 [英] Java application with SSO (SAML) and ADFS

问题描述

我正在创建一个Java应用程序以使用ADFS实现SSO（SAML）。我不确定是否可以单独使用ADFS完成SAML。在安装ADFS时，我注意到它需要依赖方和要求提供者信任的配置（基本上是SP和IP，对吗？）。对于在Java应用程序中具有SP和IP，还是将其留给ADFS进行处理，我感到困惑。

I am creating a java application to implement SSO (SAML) using ADFS. I am not sure if SAML can be done using ADFS alone. While installing ADFS, I noticed that it required configurations of relying party and claim providers trusts (which are basically the SP and IP, right?). I am confused as to whether to have SP and IP in the java application, or just leave it to the ADFS to handle.

任何帮助将不胜感激。谢谢！

Any help would be greatly appreciated. Thanks!

推荐答案

您的Java应用程序将成为从身份提供者（IdP）服务器接收身份的服务提供者（SP）。在您概述的用例中，ADFS将是IdP服务器。在您的应用程序中，您将需要集成一个库（例如SAML堆栈）来处理SAML声明。 SAML需要在接口的两侧进行配置。有一些开源选项，例如 OpenSAML 。根据您所在的组织，您可能还希望查看供应商提供的解决方案以及长期支持。

Your Java application will be a Service Provider (SP) that receives identity from an Identity Provider (IdP) server. In the use case you have outlined, ADFS will be the IdP Server. within your application you will need to integrate a library (e.g. SAML stack) to process the SAML assertion. SAML requires configuration on both sides of the interface. There are a few open source options such as OpenSAML. Depending on your organization, you may want to look at a vendor provided solution as well for long term support.

这篇关于具有SSO（SAML）和ADFS的Java应用程序的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！