Forgerock SSO with container-managed authentication

This topic has 4 replies, 2 voices, and was last updated 7 months, 2 weeks ago by rajmohanmsc.

  • Author
  • #27537

    I am very new to Forgerock,

    I need your expertise advice on implementing SSO SAML MFA for one of our applications. Currently, We are using WebSphere version 8.5 and we use container-managed authentication with LDAP. We got the requirement to implement Forgerock SSO. I am not able to find any documentation which gives step by step implementation. Please, someone, guide me on this. Note : We implemented spnego with Windows SSO- Is it similar to that? do we need any other configuration?

     William Hepler

    I don’t believe SAML and SPENGO will be similar. This SAML would be more like WS-FED in the windows world.

    From an AM perspective AM can use SAML with any compliant provider. Normally you will have a IDP and a SP and share MetaData to configure and setup SAML.

    Will Websphere be the Identity provide or Service Provider? It sounds like Websphere would be the SP, and AM would be your Hosted IDP.

    You could review the FAQ about SAML from AM
    The following is the SAML guide from the docs.

    But I don’t believe there is specific details on how to setup Websphere for SAML in our Documentation.


    Thanks William,

    In my case Websphere is SP and AM is IDP. ( AM configuration will be taken care by our global team)

    I need to provide the steps to configure SP and how to get User principals.


     William Hepler

    I would recommend then finding Websphere/IBM’s documentation on SAML federation. They should as a standard have a way to export and import metadata.

    You will provide Metadata from your WAS server to the AM group and they will provide MetaData to you to create the federation.


    Thanks, Williams for your help. I got some documentation on this.

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?