136 private links
The protocols discussed here cover SAML 2.0, OpenID Connect (OIDC) and OAuth2. Note that OAuth2 is not an authentication protocol, but because of the popularity of its use in cases such as enabling users to sign in with a social provider such as Facebook or Amazon, it is included here.
Identity, authentication and authorization protocols
These three protocols overlap frequently in functionality:
-
Identity protocols supply information about a user — such as a persistent identifier, phone or email address — that may be used for long-term identification of that user to your system and hence for authenticating the user and authorizing access to resources. SAML and OIDC are the best-known examples.
-
Authentication protocols do not necessarily carry a personal identifier. For example, the Kerberos system is based on the exchange of transient anonymous keys that, in themselves, include no identification data.
-
Authorization protocols, such as OAuth2 and UMA provide a means to acquire access-protected resources without requiring the resource owner to share credentials. Interactive user consent is an important aspect of these protocols. The OAuth2 protocol is often used, casually, for identity and authentication using user data, such as an identifier, returned in the OAuth2 process.
In this blog, I am going to explain how you could configure SAML SSO between wso2 identity server and was sample application snoop. You can find the port number of the was applications through the following the doc [1] and take the port number of WC_defaulthost_secure for the applications. Also please note that I have tested the SAML SSO configuration between wso2-is-5.7.0 and IBM WAS-8.0.0.12.