About configuring Application Security to work with single sign-on
The following table lists the supported single sign-on (SSO) solutions and provides links to instructions on how to configure Application Security to work with each of them.
| SSO solution | Instructions |
|---|---|
| SAML 2.0-compliant single sign-on | Configuring Application Security to work with SAML 2.0-compliant single sign-on |
| HTTP headers | |
| X.509 certification | Configuring Application Security to use X.509 certification-based SSO |
Configuration restrictions
The following restrictions apply to configuring Application Security to work with SSO solutions:
- You can only use the SSO solutions that Application Security supports to give users access to the user interface.
- At any given time, you can configure only one SSO solution for use with Application Security.
- A user who wants to access Fortify Audit Workbench, fortifyclient, or any of the Secure Code Plugins, must use an LDAP or local Application Security user account and password to sign in.
- (X.509 SSO solution only) If you want users (local and LDAP) to be able to sign in using their user names and passwords, you must directly enable it.
To improve application security, if X.509 SSO authentication is enabled, Application Security prevents both LDAP and local users from using user names and passwords to sign in locally. Users can only use the configured SSO method or an API token to access Application Security. To enable local login with the X.509 SSO solution configured, an Administrator must use the sso.localAuthenticationEnabled property located in the app.properties file. For information, see Configuring Application Security to use X.509 certification-based SSO.