OpenMRS SSO Capabilities

rasanjana · February 9, 2016, 5:50pm

Hi Folks,

It’s a bit time to hang around OpenMRS community and it’s great to work with you all. I’m looking for resources which mentioned how to configure SSO of OpenMRS with external identity provider. But I’m running out of luck. Can anyone point me for resources?

Thanks, Rasanjana

burke · February 10, 2016, 2:49pm

OpenMRS doesn’t yet have built-in support for SSO. @maany worked on an OAuth2 module during last year’s Google Summer of Code. Perhaps that might help.

rasanjana · February 10, 2016, 7:52pm

@burke thanks for the info. I will try to catch him.

ttcphilips · February 10, 2016, 8:45pm

What about using SAML SSO profile? This has become a popular implementation of SSO feature. It is perhaps the best standardized implementation of SSO. It is considered to be highly secured and user friendly. OpenSAML is a great project that is used by the most renowned opensource projects like WSO2 Identity Server. You can download the pdf which describes implementing SSO using OpenSAML at [1].

[1] https://www.google.lk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwi81fqCh-7KAhWEC44KHdj9ACIQFggZMAA&url=https%3A%2F%2Fsummit.alfresco.com%2Fcmis%2Fviews%2Fworkspace%253A%252F%252FSpacesStore%252Fa8db1bd4-e804-4f78-b0c3-1d233393201c&usg=AFQjCNHJrAzJDx8_SYXuHekLMYi5uOphKQ&sig2=hZu6e37RtFg_fpJgmu526g

judy · February 11, 2016, 1:36am

We have integrated CAS for login : https://modules.openmrs.org/#/show/223/cas-authentication

rasanjana · February 11, 2016, 8:36pm

@ttcphilips indeed OpenSAML would be a best option. @judy thanks I will go through the resources and get back.

sunbiz · February 13, 2016, 12:17am

We are in the process of the next release of CAS Auth module where we support Shibboleth (with SAML). Its implementation is done like this - https://wiki.shibboleth.net/confluence/display/SHIB/UnderstandingShibboleth