See WildFly Configuration - PicketLink.

See also PicketLink Quickstarts.

Jakub Remenec wrote:

 

Is there any working example on how to configure SSO in WildFly 8? Or could somebody write me how can I configure it? I'm new to SSO stuff so I'm a little lost with the configurations things. I found that it is possible to make SSO using JOSSO etc. but if it is possible I would like to use my WildFly server for this purpose.

 

Thank you very much for your answers

Question is what kind of SSO do you have in mind, as there are so many different scenarios that SSO term is used in this days that it is hard to say what exactly do you need / how should it be configured.

Considering PicketLink Federation, each of your web applications is a Service Provider (see picketlink-quickstarts/saml/employee). Also you need to create at least one Identity Provider (see picketlink-quickstarts/saml/idp) and two security domains. Indeed, these activities involve xml configs.

Jakub Remenec wrote:

 

Sorry to respond so late. My scenario is that I have multiple EJB modules that are exposed to multiple web applications. And I want to secure these web applications by SSO, so users that log into one application, does not have to log in again when the move to other application. I found it very easy in Glassfish - there you create a security realm (just like in wildfly) and then you only check SSO checkbox and it works. Then I attach all web applications to this realm and it works. I hoped it works in similar way in WildFly through xml configs.

as long as all your apps are deployed on same server, all you need is to add

<single-sign-on path="/" />

config to your host configuration in undertow subsystem