Log in with VMware Identity Manager
This demo application shows how to use Spring Boot and the Spring Security SAML2 extensions to let a user authenticate with VMware Identity Manager™, using the SAML2 protocol.
This application is based on the Spring SAML2 Demo application and has been modified to integrate VMware Identity Manager as an identity provider (IdP).
Building the project
You need a VMware Identity Manager tenant, like https://dev.vmwareidentity.asia, where you have admin access (if you want to add your own application). You can test the application as is, because it is configured by default on a provided tenant.
The project requires JDK 8.
Building from IDE
Clone this project.
Then import the root folder. You can run the main class named
Building from the Command Line
You can run the application locally by using
$ ./gradlew bootRun
Another option is to build the jar file and run it with ./gradlew build and java -jar build/libs/webapp-spring-boot-saml2.jar (per the Spring Boot docs and other available documentation).
You can now select the "SSO Login Page" and the first IdP and click Login. You can use user1 as username and vmware as the password.
Configure the Demo Application
If you want to configure the application to log in users from your own VMware Identity Manager organization, you need to add and configure that SAML2 application in your Identity Manager catalog.
Edit the local ./src/main/resources/application.properties file to set up your organization URL:
vmware.url=https://<your VMware IDM URL>
and run the application:
$ ./gradlew bootRun
Log in to your VMware Identity Manager organization (https://)) as an administrator
Application Configuration page, select Meta-data XML for the Configure Via option, and paste the XML content that you downloaded from your running local application: http://localhost:8080/saml/metadata. Click
Add the entitlements to this application. You can choose Add group entitlement and type ALL USERS to entitle this application to all users in your system.
You can now log in to your application from http://localhost:8080, and you can also launch your application from the VMware Identity Manager end user catalog.
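The XML downloaded from http://localhost:8080/saml/metadata can be reviewed offline before it is pasted into the Application Configuration page. The Python script below is an added example, not part of the demo project; the sample metadata, its entity ID, ACS path and certificate value are constructed placeholders.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample; entity ID, ACS path and certificate are placeholders.
SAMPLE_METADATA = """\
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="com:example:demo:sp">
  <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="false"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDER</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:AssertionConsumerService index="0" Location="http://localhost:8080/saml/SSO"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def _flag(element, name):
    # xs:boolean accepts "true" and "1"; a missing attribute means false.
    return element.get(name, "false") in ("true", "1")

def review_sp_metadata(xml_text):
    """Summarise SP metadata and list settings to confirm before registering it."""
    root = ET.fromstring(xml_text)
    sp = root.find("md:SPSSODescriptor", NS)
    if root.tag != "{%s}EntityDescriptor" % NS["md"] or sp is None:
        raise ValueError("not SAML 2.0 service provider metadata")
    keys = sp.findall("md:KeyDescriptor", NS)
    summary = {
        "entity_id": root.get("entityID"),
        "acs_urls": [a.get("Location", "") for a in
                     sp.findall("md:AssertionConsumerService", NS)],
        "authn_requests_signed": _flag(sp, "AuthnRequestsSigned"),
        "want_assertions_signed": _flag(sp, "WantAssertionsSigned"),
        # A KeyDescriptor without "use" serves both signing and encryption.
        "has_signing_cert": any(
            k.get("use") in (None, "signing")
            and k.find(".//ds:X509Certificate", NS) is not None for k in keys),
    }
    warnings = []
    if not summary["want_assertions_signed"]:
        warnings.append("SP does not request signed assertions")
    if summary["authn_requests_signed"] and not summary["has_signing_cert"]:
        warnings.append("requests are signed but no signing certificate is published")
    warnings += ["ACS endpoint is not HTTPS (local testing only): " + u
                 for u in summary["acs_urls"] if not u.startswith("https://")]
    return summary, warnings

if __name__ == "__main__":
    print(review_sp_metadata(SAMPLE_METADATA))
```

To check real metadata, save the download to a file and pass its contents (as bytes) to review_sp_metadata.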