About This Documentation

This guide describes how Ubisecure SAML Service Provider for Java (later Ubisecure SAML SP or SAML SP) is installed and configured on supported web and application servers.

Ubisecure SSO

The Ubisecure Ubisecure SSO (Single Sign-On) is an access management solution. The key functionality of Ubisecure SSO is to offer single sign-on to web applications with a selection of authentication methods to best serve the needs of the application or user level in question.

Ubisecure SAML SP for Java SSO Authentication Process

Ubisecure SAML SP for Java

An existing or new Java servlet application can be added to a SAML 2.0 based SSO system using SAML Service Provider for Java. Ubisecure SAML SP for Java enables the SAML 2.0 protocol based sign-on and logout processes on Java Servlet 2.3, 2.43.0 and 2.53.1 compliant web and application servers. 

User information is passed to the Java application using the standard Java Servlet API function HttpServletRequest.getUserPrincipal. This function returns a java.security.Principal containing the name of the user making the request. 

HttpServletRequest.getRemoteUser function returns a string containing the name of the user making the request.

The format of the user information is defined in the authorization policy of the Ubisecure SSO Server.

Ubisecure SSO Server versions beginning from 3.1 support the Oasis-Open's (http://www.oasis-open.org/) SAML 2.0 protocol. The trust model of Ubisecure and SAML is shown in Figure 1 below. 

Ubisecure SSO Server acts as the Identity Provider and Ubisecure SAML SP implements the Service Provider.