
SAML SSO Azure AD.

rajat1996
New Contributor III

Hi, 

We are doing the SAML SSO in the authentication groovy file. According to the docs, we have 2 fields to change, i.e. grails.plugin.springsecurity.saml.keyManager.storePass and grails.plugin.springsecurity.saml.keyManager.passwords.

But I am not able to find these properties in the auth. groovy file in my instance.

We are using 23.1V.

Can anyone help me with this?

 

2 REPLIES

SumanPatra
Saviynt Employee

Hi @rajat1996

You can add this value in the authentication.groovy file manually, and the value of this attribute is set as follows:

grails.plugin.springsecurity.saml.keyManager.storePass = 'the password you have used to set the keystore. The value must be in single quotes.'

grails.plugin.springsecurity.saml.keyManager.passwords = [ selfsigned: 'the password you set in the above attribute. The value must be in single quotes.']

 

Regards,

Suman

rajat1996
New Contributor III

Thank you Suman for the response!

I am using the below configuration for SSO, but I am not getting redirected to the Azure page for authentication.

// SINGLE IDP START

// IDP-1
grails.plugin.springsecurity.saml.metadata.sp.file = 'Saviynt_SP_sp.xml'
grails.plugin.springsecurity.saml.keyManager.storePass = 'xxxxxx' // using keystore password here
grails.plugin.springsecurity.saml.keyManager.passwords = [tomcat: '<keystorepassword>']
grails.plugin.springsecurity.saml.metadata.defaultIdp='<Entity ID from idp file>'
grails.plugin.springsecurity.saml.metadata.providers = [test: 'Azure_idp.xml'] 
grails.plugin.springsecurity.saml.keyManager.defaultKey = 'tomcat'
grails.plugin.springsecurity.saml.metadata.sp.defaults = [
        securityProfile: 'metaiop',
        local: true,
        alias: '<SP entity ID>',
        signingKey: 'tomcat',    // should I keep it as it is? Or what needs to be filled in here?
        encryptionKey: 'tomcat', // should I keep it as it is? Or what needs to be filled in here?
        tlsKey: 'tomcat',

Thank you!
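
An added example, not part of the thread and not Saviynt's own code: a small Python check that storePass is set and that every keystore alias named by keyManager.defaultKey, signingKey, encryptionKey and tlsKey also has an entry in keyManager.passwords, since the replies above use two different aliases (selfsigned and tomcat). The sample config is constructed, the function names are hypothetical, and the check assumes the single-quoted values and unquoted map keys used in the posts.

```python
import re

PREFIX = r"grails\.plugin\.springsecurity\.saml\."

# Constructed sample: passwords map keyed by one alias, key settings naming another.
SAMPLE_CONFIG = """
grails.plugin.springsecurity.saml.keyManager.storePass = 'constructed-store-pass'
grails.plugin.springsecurity.saml.keyManager.passwords = [selfsigned: 'constructed-key-pass']
grails.plugin.springsecurity.saml.keyManager.defaultKey = 'tomcat'
grails.plugin.springsecurity.saml.metadata.sp.defaults = [
        signingKey: 'tomcat',
        encryptionKey: 'tomcat',
        tlsKey: 'tomcat',
]
"""

def referenced_aliases(text):
    """Return {setting: alias} for each setting that names a keystore alias."""
    refs = {}
    m = re.search(PREFIX + r"keyManager\.defaultKey\s*=\s*'([^']*)'", text)
    if m:
        refs["keyManager.defaultKey"] = m.group(1)
    for key in ("signingKey", "encryptionKey", "tlsKey"):
        m = re.search(r"\b" + key + r"\s*:\s*'([^']*)'", text)
        if m:
            refs[key] = m.group(1)
    return refs

def password_aliases(text):
    """Return the aliases that have an entry in keyManager.passwords."""
    m = re.search(PREFIX + r"keyManager\.passwords\s*=\s*\[(.*?)\]", text, re.S)
    return set(re.findall(r"([\w.-]+)\s*:\s*'", m.group(1))) if m else set()

def check_config(text):
    """List problems: storePass missing, or an alias with no password entry."""
    problems = []
    if not re.search(PREFIX + r"keyManager\.storePass\s*=\s*'[^']+'", text):
        problems.append("keyManager.storePass is not set")
    known = password_aliases(text)
    for setting, alias in referenced_aliases(text).items():
        if alias not in known:
            problems.append(f"{setting} uses alias '{alias}' with no keyManager.passwords entry")
    return problems

if __name__ == "__main__":
    for line in check_config(SAMPLE_CONFIG):
        print(line)
```

The check only compares the config text with itself; whether the alias and passwords match the keystore file still has to be confirmed against the keystore.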