fartyalvikram
New Member.
621 views

SSO using Static Token

I have one scenario.
Client have an application, in this they have one link button.
When they click on this button it will redirect to different application URL which is protected by Access Manager with Static Token.
So now I have to validate this static token and if token is valid then I have to pass this user to application which is protected by Access Manager.
So any suggestion how can I do that?

I am using Access Manager 4.3.
0 Likes
3 Replies
Knowledge Partner
Knowledge Partner

Re: SSO using Static Token

On 09-02-2018 4:34 AM, fartyalvikram wrote:
>
> I have one scenario.
> Client have an application, in this they have one link button.
> When they click on this button it will redirect to different application
> URL which is protected by Access Manager with *Static Token*.
> So now I have to validate this static token and if token is valid then I
> have to pass this user to application which is protected by Access
> Manager.
> So any suggestion how can I do that?
>
> I am using Access Manager 4.3.


This is a tricky one. You'll most likely have to write a custom auth class for this as this static token is probably not standards based. The easiest
way is to stick both apps behind NAM.


--
Cheers,
Edward
0 Likes
fartyalvikram
New Member.

Re: SSO using Static Token

Thanks for the reply, please see below full use case.
Client have "Site A" which is already integrated with "Site B (IDP)" this integration is not done by Access Manager, they have used Federated SSO Token for this integration.
We have Site C, which is protected by Access Manager.
Site C and Site B (IDP) is already integrated inside the Access Manager using SAML 2, they both have trusted relationship and metadata already exchange between them and working fine.
Now they want, If user is already login into Site A using Site B (IDP) authentication and then user click on link button which is inside Site A, it will open Site C URL in new tab and they send some Static Token and now we have to validate this token and if token is valid then we have to pass this user to Site C.

You mentioned that in your previous reply "The easiest way is to stick both apps behind NAM", that means we have to Protect "Site A" inside Access Manager and "Site C" is already?
0 Likes
Knowledge Partner
Knowledge Partner

Re: SSO using Static Token

On 09-02-2018 11:14 PM, fartyalvikram wrote:
>
> Thanks for the reply, please see below full use case.
> Client have "Site A" which is already integrated with "Site B (IDP)"
> this integration is not done by Access Manager, they have used Federated
> SSO Token for this integration.
> We have Site C, which is protected by Access Manager.
> Site C and Site B (IDP) is already integrated inside the Access Manager
> using SAML 2, they both have trusted relationship and metadata already
> exchange between them and working fine.
> Now they want, If user is already login into Site A using Site B (IDP)
> authentication and then user click on link button which is inside Site
> A, it will open Site C URL in new tab and they send some Static Token
> and now we have to validate this token and if token is valid then we
> have to pass this user to Site C.
>
> You mentioned that in your previous reply "The easiest way is to stick
> both apps behind NAM", that means we have to Protect "Site A" inside
> Access Manager and "Site C" is already?
>
>


You'd want to create a SAML relationship between site A and Site C and use a SAML token instead of a 'static token' that are referring to.

--
Cheers,
Edward
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.