Question

Using SSO as default authentication

0

I have SAML withing with my Mendix app and when I navigate to /SSO/ it works just fine. I want SSO to be the default auth method. I haven’t found any articles about how to do this so I went to the forums. Everyone seems to suggest adding a META tag to the head of INDEX.HTML to redirect to /SSO/ When I do this, I get an infiniate loop. INDEX.HTML redirects to /SSO/ which authentivates and redirects to INDEX,HTML which redirects back to /SSO/ and so on. So I added the Meta tag to the login.html. This actually worked, However when someone visits the root “/” app, it shows the login screen for a second before redirecting to the SSO auth. This is very unprofessional for a production application. When a user goes to an application they shouldn’t have to visually be bounced around. I tried something different. I went to the FORM_LOGIN page in the atlas UI responsive forms, deleted all the content and added aa URL_REDIRECTOR to /SSO/, This Didn’t even work. I keep seeing a normal login page. Why would the old login page show up if the content is deleted? Does anyone have a better suggesion as to how to make the SSO login page the DEFAULT login method without a bunch of ugly redirects?

asked 2020-10-26

Brian Lorraine

2 answers

Rom van Arendonk · Answer 1 · 2020-10-26

The answer is in the documentation, which can be found here: change your SSOLandingPage to index3.html and include an index3.html page in your theme.

" SSOLandingPage – You can specify a different landing page here (for example, redirecting each user accessing the application URL to the SAML login). This requires you to change the index.html page by adding <meta http-equiv="refresh" content="0;URL=/SSO/" /> (so the end-user does not end up on index.html again after a login attempt). By changing this constant to /index3.html, the end-user will land on index3.html instead of index.html. In this case, you will of course need to add an index3.html page to your theme (and you can copy the original index.html into index3.html). ”

Brian Lorraine · Answer 2 · 2020-10-28

Just to confirm these are my settings

• SAML20.BindingURI_Redirect : false
• SAML20.DefaultLoginPage : /index.html
• SAML20.DefaultLogoutPage : /SSO/
• SAML20.SSOLandingPage : /index-sso.html

And again with Chrome it’s fine after I redirect index.html “/SSO”. To be safe I even put in the FULL URL, not jut “?SSO”. With internet explorer or my default android browser it just goes to login.html intead of /SSO/. Here’s a trace showing that it’s just hanging up on /SSO/ and not even trying: