I have seen an implementation of SSO where the information that would be in a SAML token is passed in http headers. This implementation used delegated authentication to sign in the user based on these http headers. This link is to documentation for delegated authentication https://docs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY=GCAS_delegated
Hi All...
Any Suggestions regarding this.....
Hello,
There are several alternatives described in the standard. Check out section 4.3 and section 5 at this link http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html
I have seen an implementation of SSO where the information that would be in a SAML token is passed in http headers. This implementation used delegated authentication to sign in the user based on these http headers. This link is to documentation for delegated authentication https://docs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY=GCAS_delegated
You might also consider using OAuth if you are using a REST interface. https://docs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY=GOAUTH