SAML (Security Assertion Markup Language) is a standard for logging users into applications based on their sessions in another context.

To accomplish SSO by SAML running on Apache in front of the Valuemation server, it is necessary to:

1. Setup the SAML authentication module on the Apache.

   Note: Please note that a description of the setup goes beyond the scope of this Valuemation Help.

   • For example, to see the 'mod_auth_mellon' authentication module configuration, go to the Github website.
   • See also the following step-by-step sample at the Mkchendil website.
2. Setup the SAML authentication module on the Apache server properly to protect the Valuemation URL.
3. Set the defined HTTP header with the value of the authenticated username from the SAML module.

Notes:

• VMWeb runs inside of Tomcat.
• Tomcat is hidden behind the Apache web server.
• Apache communicates with Tomcat via the 'MOD_JK' Apache module.
• User is authenticated by SAML module installed on Apache.
• SAML module does not let the request to go further until the user either has an existing active browser session with the identity provider or establishes one by logging into the identity provider.
• Valuemation Web is configured to obtain the username from Apache and map it to the username used internally by Valuemation.