In this chapter, we will explore the various security integration options with Spring and SAML. Many of us are aware of the basics of Security Assertion Markup Language (SAML), which is a standard way of providing authentication and authorization information from an Identity provider to a service provider. For Intranet, an application providing single sign-on (SSO) and single logout (SLO) is possible and easy using Local Cookies Information, whereas it is difficult to implement single sign-on for Internet-based applications. So, we need a sophisticated web browser-based SSO implementation using standard technologies such as the SAML open standard data format.
Spring comes with a standard extension for SAML that will facilitate the federated applications to integrate with existing SAML implementations. Refer to the popular SAML implementations such as Shiboleth, Kerboros, and many more, which have identity management capabilities, and some of them are available...