Using OpenLDAP as an IdP, Google as SP and OpenAM as a bridge through SAML

This guide was written on a Debian-based operating system (e.g. Ubuntu). On other distributions, replace "apt-get" with the distribution's own package manager. The example uses an LDAP directory as the identity source and connects it to SAML platforms through OpenAM authentication.


Replace every occurrence of federation.ga with your OpenAM domain, and appsedudemo.com with your Google Apps domain.


Prerequisites:

  • Tomcat 7

  • OpenAM

  • Google Apps domain

  • LDAP Server


Instructions:


  • If you have not already connected Google Apps to OpenAM, follow the Connecting Google Apps as SP via SAML through OpenAM guide.
  • If you have not yet connected the LDAP server to OpenAM, follow the Connecting LDAP server as IdP through OpenAM guide.
  • Log in to the OpenAM web admin:

  • Go to "Access Control".
  • Click on "/ (Top Level Realm)".
  • Go to the "Authentication" tab.
  • Click on "Authentication chaining" > "New".
  • Set a name and click OK.
  • Add an item, select your LDAP module, and Save.
  • Click on "Back to Access Control".
  • In the "Core" section, change "Organization Authentication Configuration" to the name of the chain you created, and Save.
  • To test, go to one of your Google Apps links, for example:
  • http://mail.google.com/a/appsedudemo.com
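
To check the test step above beyond watching the browser's address bar, this added example (not part of the original guide, nor OpenAM or Google tooling) decodes the SAMLRequest carried by the redirect and confirms it lands on your OpenAM host and comes from Google. Assumptions: the HTTP-Redirect binding is in use, Google's Issuer is `google.com` or `google.com/a/<domain>`, its ACS is `https://www.google.com/a/<domain>/acs`, and the sample URL (including its placeholder path) is constructed rather than captured.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, parse_qs, urlencode

P = "urn:oasis:names:tc:SAML:2.0:protocol"
A = "urn:oasis:names:tc:SAML:2.0:assertion"

def decode_authn_request(location):
    """Return (redirect_host, issuer, acs_url) from an HTTP-Redirect binding URL."""
    parts = urlsplit(location)
    values = parse_qs(parts.query).get("SAMLRequest")
    if not values:
        raise ValueError("redirect carries no SAMLRequest parameter")
    # HTTP-Redirect binding: base64 over raw DEFLATE; cap the inflated size.
    xml = zlib.decompressobj(-15).decompress(base64.b64decode(values[0]), 65536)
    if b"<!DOCTYPE" in xml or b"<!ENTITY" in xml:
        raise ValueError("DTD in SAMLRequest, refusing to parse")
    root = ET.fromstring(xml)
    if root.tag != "{%s}AuthnRequest" % P:
        raise ValueError("not an AuthnRequest: " + root.tag)
    issuer = (root.findtext("{%s}Issuer" % A) or "").strip()
    return parts.hostname, issuer, root.get("AssertionConsumerServiceURL", "")

def check_redirect(location, idp_host, apps_domain):
    """List the ways the redirect differs from what this setup should produce."""
    host, issuer, acs = decode_authn_request(location)
    problems = []
    if host != idp_host:
        problems.append("redirect goes to %s, not %s" % (host, idp_host))
    # Assumption: Google Apps issues requests as google.com or google.com/a/<domain>.
    if issuer not in ("google.com", "google.com/a/" + apps_domain):
        problems.append("unexpected Issuer %r" % issuer)
    # Assumption: Google's ACS is https://www.google.com/a/<domain>/acs.
    acs_parts = urlsplit(acs)
    if acs_parts.hostname != "www.google.com" or apps_domain not in acs_parts.path.split("/"):
        problems.append("unexpected ACS URL %r" % acs)
    return problems

def constructed_redirect(idp_host, apps_domain):
    """Build a sample redirect (constructed, not captured; the path is a placeholder)."""
    xml = ('<samlp:AuthnRequest xmlns:samlp="%s" ID="_constructed" Version="2.0" '
           'AssertionConsumerServiceURL="https://www.google.com/a/%s/acs">'
           '<saml:Issuer xmlns:saml="%s">google.com</saml:Issuer>'
           '</samlp:AuthnRequest>' % (P, apps_domain, A)).encode()
    deflater = zlib.compressobj(9, zlib.DEFLATED, -15)
    blob = base64.b64encode(deflater.compress(xml) + deflater.flush()).decode()
    return "https://%s/SSO-ENDPOINT-PLACEHOLDER?%s" % (idp_host, urlencode({"SAMLRequest": blob}))
```

Pass `check_redirect` the URL your browser is sent to after opening the Google Apps link; an empty list means the redirect matches this setup.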