Demonstration of AEM and SAML integration

Description


Goal




To provide a simple, ready-to-use single sign-on experience with AEM SAML support.

Resolution


Setup




Get started with three simple steps:

  1. SSOCircle (http://www.ssocircle.com/en/) is a free public identity provider (IdP). Register and activate an account in SSOCircle.
  2. Configure SAML in AEM to communicate with the IdP (SSOCircle) by installing the demo package. The package content and configuration mapping are covered in the section "Additional mapping details."
  3. This step is required only if you want to test against your own domain rather than localhost, or if AEM is running on a port other than the default one.
  4. Create or update the AEM metadata with the IdP. (Log in to SSOCircle, then choose Manage Metadata > Add new Service Provider.)
    1. Make sure that the Entity ID is unique; change the value of entityID in the following XML to a unique value.
    2. Update the AssertionConsumerService Location in the following XML to a valid URL for SAML consumption.
    3. Finally, update serviceProviderEntityId to the same value as entityID (Step i) at http://host:port/system/console/configMgr/com.adobe.granite.auth.saml.SamlAuthenticationHandler

```xml
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://localhost:4502/">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.ssocircle.com/sso/UI/Logout" />
    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://localhost:4502/saml_login" index="1"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>
```







Additional mapping details




The SSOCircle metadata is available at http://idp.ssocircle.com/.




Download




AEM SAML Config Package
