I'm new to SAML and SSO and still finding my feet.
I've been given the task at work to provide SSO across three applications and I'm looking at various options.
In more detail:
We have an account on http://www.aha.io/ and this has an admin panel to configure SSO using SAML.
We also use Freshdesk http://freshdesk.com and this too can be configured for SSO using SAML.
The third app is a REST-based application we've developed using Java and Angular and backed by MongoDB. It is a self-contained app that is deployed with its own built-in server (i.e. it is not hosted in Tomcat, JBoss etc.). Users of the application use name/password to log in and the user details are within the MongoDB.
The SSO use case is that users of the REST app can sign on to any of the three applications using their login credentials for the REST app.
I'm not quite sure how to go about this. I've done background work and I'm familiar with the notion of identity providers and service providers etc. However, I don't yet have a 'gut feel' for how big and (maybe) how painful a task this is. Naively and at a very high level I see this as:
1. Look at the PicketLink/Wildfly guide and write and deploy an identity provider that does custom authentication talking to Mongo.
2. Look at the PicketLink/Wildfly guide and figure out what I need to do to deploy and configure a service provider.
3. Configure our account on www.aha.io to talk to the deployed service and identification providers.
4. Configure our account on Freshdesk to talk to the deployed service and identification providers.
5. Modify our custom application to use the service and identification providers.
Is this viable? Should I perhaps consider the commercial version of JBoss?
I would really appreciate any advice with more detailed steps to achieve SSO.
Many thanks for your help.