SAML SSO

Security Assertion Markup Language (SAML) is a Single sign-on (SSO) protocol supported by the JGAS. It is based on a Genero REST delegation service that is delivered in the Genero Web Services package under $FGLDIR/web_utilities/services/saml.

Genero SAML will establish a circle of trust between the service provider (the JGAS) and the SAML identity provider (the entity in charge of managing and authenticating the users).

If you don't configure another database, Genero SAML service will by default use the saml.db SQLite database located in $FGLDIR/web_utilities/services/saml/bin. If Genero is installed with a different user than the user who runs the web server, you must (as a minimum) set write permissions for that user on the saml.db file and its parent bin directory, otherwise the service will fail to insert data into the SQLite database.

Note: Genero implements only version 2.0 of the SAML specification and supports only the HTTP-POST bindings. It is only intended for Genero Web Client applications.