Install and configure for SSO
Single sign-on is embedded in the FGLGWS package. No additional installation is required.
The FGLGWS installation includes a REST web service for delegation and a Genero Identity Provider (GIP) for securing applications and web services. You don’t need to install these separately — they’re already part of the package.
However, before you can use the GIP, you must configure it with your GAS using the StarterApp. For instructions, refer to Configure the primary Genero Identity Provider.
You'll find the delegation and GIP services files in the $FGLDIR/web_utilities/services directory. For a visual overview of the directory structure, refer to The services directory.
GIP license requirements
The GIP is based on a microservices architecture, where each service consumes a license. The core GIP services require a minimum of 4 licenses, with two additional licenses if you use the Deployment service. Once the core services are active, running applications through the GIP requires one additional license per application. A CPU license is recommended for the GIP services.
To test the GIP, you can limit license consumption by setting
MAX_AVAILABLE to 1 in the following GIP service
configuration files:
| Configuration file | Location |
|---|---|
| GeneroAccessService.xcf | $FGLDIR/web_utilities/services |
| GeneroIdentityProvider.xcf | $FGLDIR/web_utilities/services |
| OpenIDConnectServiceProvider.xcf | $FGLDIR/web_utilities/services |
| GeneroProfileService.xcf | GIP working directory ($(home)/.genero-sso/services) |
| GeneroRegistrationService.xcf | GIP working directory ($(home)/.genero-sso/services) |
| GeneroDeploymentService.xcf | GIP working directory ($(home)/.genero-sso/services) |