Just to add on to the options already listed (which I'm sure work just great!), we used openSAML and wrote our own valve fairly painlessly and have been having really good success with it.
Steve Sanders On Mon, Dec 21, 2020 at 1:17 PM George Stanchev < george.stanc...@microfocus.com> wrote: > We use spring-security-saml for application-level SP implementation and it > works pretty good too. The project is in the process of being rewritten > from scratch though with 2.0 in milestone builds. No direct integration > with Tomcat though but on application level. > > George > > -----Original Message----- > From: André Warnier (tomcat/perl) <a...@ice-sa.com> > Sent: Thursday, December 17, 2020 8:42 AM > To: users@tomcat.apache.org > Subject: Re: Tomcat SSO valve implementation > > On 16.12.2020 19:39, Kevin Oxley wrote: > > We are trying to support SSO SAML 2.0 for user authentication in Tomcat > > (9.0.22). Can anybody provide a reference to a pre-integrated SAML SSO > > valve implementation that you've had a good experience with? > > > > searching Google for "SAML SP for servlet engine" gives a few links, among > them this one : > https://dzone.com/articles/saml-single-sign-on-with-tomcat-and-picketlink > > I haven't tried it myself. In my cases, I always use an Apache httpd > front-end, which does the authentication prior to proxying to a back-end > tomcat (with the Connector attribute ' > tomcatAuthentication="false" '). In the front-end Apache2 httpd then, we > use Shibboleth as the SAML SP side. > That works perfectly. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
