These days almost all public facing applications allow you to login (authenticate) with your social media ID/Password. Common sources of these social media authentication sources are Facebook & Google. Bluemix SSO service makes it easy for you to create applications that can integrate with multiple security providers.
In addition to social media as a identity source, this service also allows you to use the Enterprise LDAP as a identity source (SAML). This blog will walk you through the steps you need to follow for integrating your Bluemix applications with an instance of the SSO service.
SSO Managed Service
The SSO service is one of the many security related managed services available out of the box on Bluemix.
The documentation for the service is available here
- It allows you to define multiple sources of identity. The sources may be:
- Enterprise LDAP directory (SAML)
- Social sources such as Facebook, LinkedIn & Google+
- Cloud Directory. You may create a list of users on the Bluemix within the SSO service instance itself. This is good for testing but not for a production grade enterprise application.
- Default login page is provided by the SSO service. If you want you may change the design of the page by downloading the implementation (HTML, CSS..) and then applying changes to it and then uploading it back to SSO service instance.
- Multiple Bluemix applications may bind to the same instance of the SSO service instance....that is how you achieve the Single Sign On (SSO)
- Application after binding need to Integrate with the SSO service instance using the service setup console. In this step application enables/disables the identity sources. E.g., if the service instance is setup with the 2 sources (LinkedIn, Facebook), one application may enable both sources another may enable only Facebook
Creating an SSO enabled JAVA Liberty Application
Please note that step # 6 is needed only for the Liberty JAVA application.
Video demonstrates how you can use the SSO service in your JAVA application on Bluemix. It uses the cloud directory as the identity source. The cloud directory may be managed by using the SSO service management console.
The code is available in the GitHub.
Link to course details + 50% discount
XML Files you need
Link to XML files in GitHub