Difference between revisions of "Single Sign On with SAML 2.0"

 
(155 intermediate revisions by 9 users not shown)
Line 1: Line 1:
<font color="red">PRELIMINARY INFORMATION</font>
+
This documentation has been moved to: -
  
The Hornbill platform supports single-sign-on and transparent auto provisioning of both user and guest accounts using SAML 2.0 providing enterprise-class user identity integration.
+
SSO Fundamentals
 +
* https://docs.hornbill.com/esp-fundamentals/security/single-sign-on
  
* Multiple Identity Providers Supported
+
SSO Configuration
* User Provisioning Templates
+
* https://docs.hornbill.com/esp-config/security/sso/sso-with-saml
* Digital Signature Validation
+
* https://docs.hornbill.com/esp-config/security/sso/single-sign-on
* Public Key Verification
+
* https://docs.hornbill.com/esp-config/security/sso/auto-provisioning
* Assertion Value Attribute Mapping
+
[[Category:HDOC]]
* Flexible NameID override
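Review bot: under "SSO Configuration" the three added docs.hornbill.com links are bare URLs with no labels, while the list lines shown alongside them named specific capabilities (Digital Signature Validation, Public Key Verification, Assertion Value Attribute Mapping, Flexible NameID override). Suggest giving each link a short label and stating which target page now covers signature validation and the NameID override, so that readers arriving from the old page can still find the security-relevant settings.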
 
 
 
== SAML Overview ==
 
'''Security Assertion Markup Language''' ('''SAML''', pronounced "sam-el") is an XML-based open standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is a product of the OASIS Security Services Technical Committee. SAML dates from 2001; the most recent major update of SAML was published in 2005, but protocol enhancements have steadily been added through additional, optional standards.
 
<br/><small>Source: [http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language]</small>
 
 
 
The use of SAML allows external authentication of users and is often also used for SSO (Single Sign-on), which is a method of access control that enables a user to log in to their organisation one time but then have transparent authorisation to access resources of multiple software systems without being prompted to log in to each system separately. In the context of Hornbill, once configured, users may access their Hornbill instance pre-authenticated based on their enterprise desktop or browser login. As well as supporting single-sign-on, we also provide the ability to auto-provision authorised users on the Hornbill instance, which removes a significant overhead in terms of system administration.
 
 
 
There are three key actors in any SAML implementation: the "user" trying to access the application, the "identity provider", which knows and has identified the user, and the "service provider", which provides the application and/or resources that the user wishes to access. Your Hornbill instance is a service provider, and typically your enterprise directory system, very often Microsoft Active Directory, acts as the identity provider.
 

Latest revision as of 20:52, 18 April 2024