AIV SSO & External Security
Introduction
AIV allows a single sign-on option, enabling integration with third-party applications as part of an integrated solution. In this exercise, you will learn to implement a simple single sign-on code that validates users against those available in AIV.
In order to work with SSO, we first need to fetch users from client source, which could be a CSV file or a database.
AIV allows configuring external security so that you do not have to redefine users and roles within the AIV application. To use external security, you need to implement a Java interface.
This document will guide you through implementing simple Single Sign-On (SSO) and external security, validating users against a CSV file. You can download the sample project files for SSO and external security from here.
There are 3 ways to get users in AIV using external security:
-
Fetch user from CSV file:
In this document, we demonstrated using CSV file!
-
Fetch user from Database:
Click here to know more on how to fetch user data from database!
-
Fetch user from LDAP:
Click here to know more on how to fetch user data from LDAP!
Data file you required:
(a) SSO and External Security project files
(b) Eclipse IDE
Prerequisites
Downloaded Sample project from here.
Implement External Security
Follow these steps to implement external security with a CSV file:
- Download the files and extract them into your local storage folder. You will see two folders:
- AIV External Security
- AIV SSO
-
Import both of these projects into Eclipse to make path changes in this sample project.
-
Expand the AIV External Security project and navigate to the ‘files’ folder. This folder contains CSV files with sample information for users,roles, and user-role mappings, as well as other.properties files that will be used if your user data resides in a database.
-
To change path of this CSV files in your project, expand src folder and open ExternalSecurityCSVImpl class file available in com.aiv.externalsecurity package.
-
Provide the path of the CSV file in the BASE_PATH variable, as shown in the image below:
-
Save this class file, now expand sso project folder and open aivSSOImpl class, provide valid path to store log files.
-
Save this file and export whole project as a jar file and save it in local storage.
-
Do the same with external security, export AIV External security project as JAR file and store it in local storage.
-
Paste External Security & SSO JAR File into location [C:\aiv\apache-tomcat\webapps\aiv\WEB-INF\lib].
-
To use it, enable SSO and External Security from the AIV Configuration page.
-
Click on Hamburger menu and Go to Administration > AIV Configuration section, Click the button of External Security, as shown in figure.
-
Select the ‘Secure’ radio button of Editable User Properties and Editable Roles Properties.
-
Enter the security class name:
com.aiv.externalsecurity.ExternalSecurityCSVImpl
. -
Enter the admin user: Admin
-
Enter the admin role: Administrator.
-
Check the boxes for ‘User Defaults’ and ‘Role Defaults,’ as shown in the figure.
-
Click on SSO Configuration button, it will enable SSO Configuration setting into AIV, as shown in figure.
-
Enter the class name:
com.aiv.sso.aivSSOImpl
, as shown in the figure. [It impairments SSO jar File class path] -
Click the Submit button to save the changes.
-
Restart the tomcat server!
-
Once the server has started, login to aiv. Go to Administration > User section, where you will find some new users added to aiv.