Single Sign On

Simple Flow of SAML Operation (Prior to v68)

SP Initiated Session:

  1. The user browses directly to the SP application (http://synweb.synergetic.net.au).
  2. The SP detects that the user is not authenticated and redirects the user to the IDP for authentication.
  3. The user enters their credentials at the IDP and authenticates successfully.
  4. The IDP then redirects the user back to the SP with an encoded SAML request containing:
    1. X509Certificate
    2. Claim Attribute Name and Value
  5. The SP processes the request and validates:
    1. X509Certificate matches the one stored on the SP server (in ~Site/Certificates).
    2. The claim attribute value has a valid, matching user stored in the Synergetic
  6. If everything is valid, the user login is registered with the session and the user can continue using SynWeb/Community Portal.
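
The two checks in step 5, as an added Python example (not Synergetic's own code). It assumes SAML 2.0 namespaces, a base64-encoded message, a claim named "username" and an in-memory user table; the certificate bytes, user and message are constructed sample data.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

NS = {"ds": "http://www.w3.org/2000/09/xmldsig#",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}  # assumption: SAML 2.0

def fingerprint(cert_b64):
    """SHA-256 of the certificate bytes; line wraps in the base64 are ignored."""
    der = base64.b64decode("".join(cert_b64.split()), validate=True)
    return hashlib.sha256(der).digest()

def validate_login(encoded_msg, pinned_cert_b64, claim_name, users):
    """Return the matching local user; raise on any failed check."""
    root = ET.fromstring(base64.b64decode(encoded_msg, validate=True))
    certs = root.findall(".//ds:X509Certificate", NS)
    if len(certs) != 1:  # none or several is ambiguous: reject
        raise ValueError("expected exactly one X509Certificate")
    # Step 5.1: constant-time comparison with the certificate stored on the SP.
    if not hmac.compare_digest(fingerprint(certs[0].text or ""),
                               fingerprint(pinned_cert_b64)):
        raise ValueError("certificate does not match the stored one")
    # A matching embedded certificate does not prove origin by itself: the XML
    # signature must also verify under the stored certificate (omitted here).
    # Step 5.2: exactly one value for the claim, and it must map to a user.
    values = [v.text for a in root.iterfind(".//saml:Attribute", NS)
              if a.get("Name") == claim_name
              for v in a.findall("saml:AttributeValue", NS)]
    if len(values) != 1 or not values[0]:
        raise ValueError("claim missing or ambiguous")
    user = users.get(values[0].strip())
    if user is None:
        raise ValueError("no matching user for claim value")
    return user

# Constructed sample data: placeholder bytes, not a real certificate or user.
PINNED = base64.b64encode(b"constructed placeholder, not a real DER certificate").decode()
USERS = {"jsmith": {"id": 1001}}

def sample_message(cert_b64, *claim_values):
    """Build a constructed, base64-encoded message with a line-wrapped certificate."""
    vals = "".join(f"<saml:AttributeValue>{v}</saml:AttributeValue>" for v in claim_values)
    xml = (f'<saml:Assertion xmlns:saml="{NS["saml"]}" xmlns:ds="{NS["ds"]}">'
           f'<ds:X509Certificate>{cert_b64[:20]}\n{cert_b64[20:]}</ds:X509Certificate>'
           f'<saml:Attribute Name="username">{vals}</saml:Attribute></saml:Assertion>')
    return base64.b64encode(xml.encode()).decode()
```
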