Skip to main content
Version: 2.2.1

Authentication in AD FS via SAML 2.0

SoftExpert Suite supports single sign-on via SAML 2.0 (Security Assertion Markup Language) in AD FS (Active Directory Federation Services). SAML 2.0 is a standard widely used in web applications and is considered one of the most secure authentication methods, due to the application of digital signatures to message exchanges. The architecture for this authentication involves three main agents: SoftExpert Suite as a service provider (SP), Active Directory with AD FS configured as an identity provider (IdP), and the client (browser).

Configuration for authentication via SAML 2.0 involves exchanging metadata files between the service provider (SoftExpert Suite) and the identity provider. For a detailed description of how to set this configuration, see the Configuring authentication in AD FS with SAML 2.0 section.

Prerequisites: Before configuring authentication via SAML, the following prerequisites must be met:

  1. Authentication using the SAML protocol requires the Java extended cipher suite to be installed. However, the default Java JDK installation has an encryption limitation due to US export rules. As a workaround, install the JCE (Java Cryptography Extension) package corresponding to the JDK version used on the server where SoftExpert Suite is installed.
  2. The JCE package is available in the
\tools\thirdparties\oracle\java\UnlimitedJCEPolicyJDK7.zip

folder of the product installation directory. To carry out the installation, follow these steps:

  • Unzip the UnlimitedJCEPolicyJDK7.zip file into this folder
<sesuite_dir>\tools\thirdparties\oracle\java\
  • Copy the files with .jar extension.
  • Paste the files with .jar extension into this directory
<JAVA_HOME>\lib\security
  • Restart the SoftExpert Suite service to apply the changes. By fulfilling these prerequisites and setting the appropriate configuration, you will be able to establish authentication in AD FS using the SAML 2.0 protocol in SoftExpert Suite.

By fulfilling these prerequisites and setting the appropriate configuration, you will be able to establish authentication in AD FS using the SAML 2.0 protocol in SoftExpert Suite.