I'm working on an project that implements user authentication through Spring Security using a spring session ID stored in a cookie on the client's browser. There's no authentication server, the same server manages authentication and the whole app as a monolith.
So we are now in the need of implementing SSO with a third party system, so far everything I've read on the matter requires OAuth or some other implementation of token based authentication that supports an external identity provider. I would prefer not to migrate the authentication strategy as we are kinda on the clock.
I work on another project that has OAuth authentication so I'm not new on that topic (though not really an expert either).
Can someone throw some light on this? I just need to know if it is possible or there's no other way to migrate the authentication strategy.
↧
Single Sign-On with spring session ID cookie?
↧
