0 Replies Latest reply on Nov 20, 2012 5:28 PM by Maksym Gryevtsov

    How to mix SAML and "regular" authentication for the same resources (WAR/EAR)?

    Maksym Gryevtsov Newbie

      HI,

       

      We have an existed application that keeps users in database and authenticates them with DatabaseServerLoginModule using form based authentication. Some of the users wants to login into SalesForce first and then access our application via SSO. Since SalesForce exposes SAML 2 IDP, it seems no brainer to make our application a SP. To achive it I need to point my application to

       

      <security-domain name="sp" cache-type="default">

      <authentication>

      <login-module code="org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule" flag="required"/>

      </authentication>

      </security-domain>

       

      The problem is that it would force everyone to use/be registered in remote IDP which is not desireable. Is any way to mix "standalone" and SAML authentication for the same resources (EAR/WAR)?

       

      Thanks,

      Maksym