This document explains how the user can implement SSO in the RightData tool.
Follow the procedure below:
- Click the ‘ADMIN CONSOLE’ tab.
- Hover on the left-hand side of the application to view available options.
- Click the ‘System Preferences’ option.
Path: ADMIN CONSOLE > System Preferences
- Now the user can view the ‘Preferences’ page.
- Under the ‘Preferences’ page, a couple of tiles are displayed.
- Click the ‘Instance Preferences’ option.
- An ‘Instance Preferences’ session page is displayed.
Note: By default, the ‘Global Settings’ tab is selected.
Path: ADMIN CONSOLE > System Preferences > Instance Preferences
- Click the ‘LDAP Settings’ tab.
- The user is taken to the ‘LDAP Settings’ session page.
Note: By default, the ‘SSO Enable’ toggle button is switched to ‘Turned Off’ mode.
- Switch the ‘SSO Enable’ toggle button to ‘Turned On’ mode.
Note: The following options, namely Login URL Type, Login URL, and Logout URL, are displayed when ‘SSO Enable’ is ‘Turned On.’
- ‘Login URL Type’ is a drop-down list with the options ‘GET’ and ‘POST.’
- Select ‘GET’ as the ‘Login URL Type’ from the drop-down list.
- Then, fill in the ‘Login URL’ and ‘Logout URL’ text fields.
- Click the ‘Save’ button.
Note 01: Login URL is the RightData application URL.
Note 02: Logout URL is the client-side SSO Team URL.
- A toaster message ‘Settings saved Successfully!’ is displayed on the top right corner of the page.
Configuring the RightData Web.Config file
Step 1: Obtain the login URL from Ping authentication (or any identity provider on the client side): https://fedauthtst.pg.com/idp/startSSO.ping?PartnerSpId=RightData-dev
We need to send the app name that RightData has in the domain.com Ping database. In this case, PartnerSpId=RightData-dev.
Step 2: Redirect automatically from RightData to the given login URL, only when the user is not logged in.
For this, add the Ping URL (https://fedauthtst.pg.com/idp/startSSO.ping?PartnerSpId=RightData-dev) to the Web.Config file.
Below is the sample code:
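<system.web>
  <!-- ... </authentication>-->
  <!-- Forms authentication: users who are not logged in are redirected to the Ping login URL -->
  <authentication mode="Forms">
    <forms loginUrl="https://fedauthtst.pg.com/idp/startSSO.ping?PartnerSpId=RightData-dev" timeout="60" requireSSL="true" />
  </authentication>
</system.web>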
Step 3: The user is now redirected to the given URL (i.e., the Ping login screen). Once the user enters the AD/network account credentials, Ping authenticates the user and sends the response in SAML.xml format. Once the credentials are validated, Ping sends the SAML response to the RightData endpoint URL.
Step 4: The given RightData endpoint URL (the RightData team will provide the URL) receives the SAML response and captures the UserName (this is the property name we expect from the SAML response).
Step 5: RightData allows the user to authenticate into the application.
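The checks a receiving endpoint like the one in Steps 4 and 5 should make before trusting UserName, as an added Python example that is not RightData's own code. It assumes a SAML library has already verified the response's XML signature, and that the expected audience equals the PartnerSpId value RightData-dev (an assumption; use the SP entity ID actually configured in Ping). The names extract_username and sample_response are hypothetical, and the sample response is constructed.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

def _ts(value):
    # SAML instants are UTC, e.g. 2024-05-01T12:00:00Z; a missing one is rejected.
    if not value:
        raise ValueError("missing validity timestamp")
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def extract_username(saml_b64, audience, now):
    """Return UserName from a signature-verified SAML response; raise if a check fails."""
    raw = base64.b64decode(saml_b64)
    if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:   # refuse DTDs and entity expansion
        raise ValueError("DTD not allowed")
    root = ET.fromstring(raw)
    code = root.find("p:Status/p:StatusCode", NS)
    if code is None or code.get("Value") != SUCCESS:
        raise ValueError("IdP did not report success")
    assertions = root.findall(".//a:Assertion", NS)
    if len(assertions) != 1:                        # extra assertions are never expected
        raise ValueError("expected exactly one assertion")
    cond = assertions[0].find("a:Conditions", NS)
    if cond is None or not _ts(cond.get("NotBefore")) <= now < _ts(cond.get("NotOnOrAfter")):
        raise ValueError("assertion outside its validity window")
    if audience not in [e.text for e in cond.findall("a:AudienceRestriction/a:Audience", NS)]:
        raise ValueError("assertion issued for another service provider")
    vals = assertions[0].findall(
        "a:AttributeStatement/a:Attribute[@Name='UserName']/a:AttributeValue", NS)
    if len(vals) != 1 or not (vals[0].text or "").strip():
        raise ValueError("UserName missing or ambiguous")
    return vals[0].text.strip()

def sample_response(user, audience):
    # Constructed, unsigned sample; a real response comes from the IdP and is signed.
    doc = ('<p:Response xmlns:p="%s" xmlns:a="%s"><p:Status><p:StatusCode Value="%s"/>'
           '</p:Status><a:Assertion><a:Conditions NotBefore="2024-05-01T12:00:00Z" '
           'NotOnOrAfter="2024-05-01T12:05:00Z"><a:AudienceRestriction><a:Audience>%s'
           '</a:Audience></a:AudienceRestriction></a:Conditions><a:AttributeStatement>'
           '<a:Attribute Name="UserName"><a:AttributeValue>%s</a:AttributeValue>'
           '</a:Attribute></a:AttributeStatement></a:Assertion></p:Response>'
           % (NS["p"], NS["a"], SUCCESS, audience, user))
    return base64.b64encode(doc.encode())

if __name__ == "__main__":
    now = datetime(2024, 5, 1, 12, 1, tzinfo=timezone.utc)
    print(extract_username(sample_response("jdoe", "RightData-dev"), "RightData-dev", now))
```

The example does not cover replay tracking, Destination, or SubjectConfirmation checks; those remain the job of the SAML library in front of it.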