Single Sign On (SSO) - where one set of credentials is shared across multiple applications - makes systems safer and easier to manage, and is often mandated in larger enterprise-level IT departments. The SSO protocol of choice in large corporates is the Security Assertion Markup Language (SAML), and at Carbon Six Digital we’ve undertaken a number of projects that involved integrating SAML into Umbraco, which is our Content Management System of choice.
In each case, our goal has been to provide a seamless integration for a core directory of users into Umbraco, while aiming to maintain the existing Umbraco functionality such as password-protected pages using public access and the Membership Provider.
Our experience on each project has been that the coding is relatively straightforward, but that configuring the systems to talk to each other is a huge challenge.
Our preferred solution is to make use of SaaS SAML Identity Providers such as Lastpass or Okta, along with the off-the-shelf SAML toolkit from Component Space, in order to easily integrate existing corporate security credentials stored in systems such as Active Directory, with Umbraco.
In an article published today on Skrift, we take a deeper dive into integrating SAML into Umbraco. If you want to fast track the SSO integration in your Umbraco site, then use our Umbraco SAML Service which enables Umbraco sites to integrate with SAML Identity Providers such as Okta, ADFS and Lastpass.
Last year we worked on an Umbraco project for a FTSE100 pharmaceutical company. The project was to build and implement a personalised training portal, accessible from laptops on their corporate network as well as tablets on the open internet. Unsurprisingly, information security was a big issue for them, and part of our brief was to ensure that all user logins were authenticated using their corporate identity provider.
After working with their Information Security team and Corporate Head of Technical Standards, we designed a system to integrate the Umbraco Membership system with the client's Identity Provider, Ping Federate, using SAML (Security Assertion…