Configuring the Genero Application Server / How to implement Single sign-on (SSO) |
Security Assertion Markup Language (SAML) is a Single sign-on (SSO) protocol supported by the Genero Application Server. It is based on a Genero REST service and is delivered in the Genero Web Services package under $FGLDIR/web_utilities/services/saml.
Genero SAML will establish a circle of trust between the service provider (the Genero Application Server) and the SAML identity provider (the entity in charge of managing and authenticating the users).
If you don't configure another database, Genero SAML service will by default use the saml.db SQLite database located in $FGLDIR/web_utilities/services/saml/bin. If Genero is installed with a different user than the user who runs the web server, you must (as a minimum) set write permissions for that user on the openid.db file and its parent bin directory, otherwise the service will fail to insert data into the SQLite database.