Introduction

This is a simple demo showcasing some of RH-SSO features/concepts such as: Realm, Client, Roles, Social Login, Themes, etc..

For additional details, please refer to Additional References section;

Environment

• Docker 18.06.1-ce
• Red Hat Single Sign On 7.2
• Red Hat Single Sign On 7.2 1.2-8 container image

Deploy from DockerHub

docker pull viniciusmartinez/slide-demo-app:1.0
docker pull viniciusmartinez/rhsso:1.0

Building from "Source"

• Clone the application:

git clone https://github.com/vinicius-martinez/rhsso-slide-demo.git

• Build (docker build) RHSSO. Example:

cd rhsso
docker build -t rhsso:1.0 .

• Build (docker build) slide-demo-app. Example:

cd slides-app
docker build -t slide-demo-app:1.0 .

Demo Script:

1. Starting RHSSO and slide-demo-app
2. Create RHSSO Realm
3. Create RHSSO Client APP
4. Create RHSSO Roles
5. Create RHSSO User
6. Enable SignUp
7. Change Themes
8. User Required Actions
9. Social Login
10. Two Factor with OTP
11. End User Account Management

Starting RHSSO and slide-demo-app

• Open a terminal and start RHSSO:

  • we're going to use "-P" to generate a random Port number for RHSSO. If you prefer, you can bind it to an alternative port of your choice

docker run -it -P viniciusmartinez/rhsso:1.0

• Open a second terminal and start slide-demo-application:

  • we're going to use "-P" to generate a random Port number for RHSSO. If you prefer, you can bind it to an alternative port of your choice

docker run -it -P viniciusmartinez/slide-demo-app:1.0

• Open a third terminal and execute docker ps in order to fetch RHSSO and slide-demo-app port numbers. Example:

  • take note of all ports used by RHSSO (32789, 32788) and slide-demo-app(32786,32785)

docker ps
CONTAINER ID        IMAGE                                 COMMAND                  CREATED             STATUS              PORTS                                                                       NAMES
16f6cd0d3e11        viniciusmartinez/rhsso:1.0            "/opt/eap/bin/opensh…"   25 seconds ago      Up 24 seconds       0.0.0.0:32789->8080/tcp, 0.0.0.0:32788->8443/tcp, 0.0.0.0:32787->8778/tcp   upbeat_hermann
fe93676933d3        viniciusmartinez/slide-demo-app:1.0   "container-entrypoin…"   51 seconds ago      Up 50 seconds       0.0.0.0:32786->8080/tcp, 0.0.0.0:32785->8443/tcp

• Open a browser of choice and try to access RHSSO on the following address with admin/admin credentials: http://localhost:32789/auth

• Open a new tab and try to access slide-demo-app on the following address: http://localhost:32786/demo.html

Create RHSSO Realm

• Return to the RHSSO browser tab and place the mouser on the left top corner, right above the MASTER. Click on the arrow button and select Add Realm;

• Inform a NAME (e.g myrealm) and click on Create button;

Create RHSSO Client APP

• Click on Clients right bellow the Realm Settings at the left menu;
• Click on Create button on the right corner;
• Inform a Name (e.g: myclient);
• Inform the Root URL (e.g: http://localhost:32794);
• Click on Save button;
• Switch back to the slide-demo-app tab and click on Config button;
• Inform SSO Server URL (e.g: http://localhost:32792/auth)
• Inform SSO Realm (e.g: myrealm)
• Inform App Client ID (e.g: myclient)
• Click on Save and afterward Close button;
• If everything is successfully configured, a green Configurado! button will be displayed

Create RHSSO Roles

• Click on Roles right bellow the Client Templates at the left menu;
• Click on Add Role button;
• Inform a Role Name (e.g: realm-role) and afterward Save button;
• Click on Clients right bellow the Realm Settings at the left menu;
• Select myclient and Roles afterward;
• Click on Add Role button;
• Inform a Role Name (e.g: client-role) and afterward Save button;
• Click on Roles again;
• Select Default Roles
• Select realm-role and click on Add Selected
• Select myclient and repeat the same procedure, adding client-role

Create RHSSO User

• Click on Users right bellow the Groups at the left menu;

• Click on Add User button;

• Inform a Username and click on Save button;

• Got to Credentials tab and inform a new password;

• Finally click on Reset Password;

  • now you can try to login on slide-demo-app

Enable SignUp

• Click Realm Settings and select Login tab;
• Enable User Registration
• Click on Save

Change Themes

• Click Realm Settings and select Themes tab;
• Select a different theme from Login Theme dropdown list;
• Click on Save

User Required Actions

• Click on Users right bellow the Groups at the left menu;
• Select an user;
• Select a few actions on Required User Actions menu;
• Click on Save

Social Login

• Click on Identity Providers right bellow the Roles at the left menu;
• Select Github user;
• Open a new tab and access your Github account. Select Settings -> Developer Settings and finally click on: New Oauth App
• Inform an Application name and a Homepage URL and finally copy the Redirect URI from RHSSO and paste it on CallBack URL
• Click on Register Application
• Copy both Client ID and Client Secret from Github and paste them on RHSSO
• Click on Save

Two Factor with OTP

• Click on Authentication right bellow the User Federation at the left menu;
• Change the default OTP FORM from OPTIONAL to REQUIRED;
• Logout from slide-demo-app and try to log back;

End User Account Management

• Open a new browser tab with the following url: http://localhost:32792/auth/realms/myrealm/account
• Navigate through the options and update your profile if desired;

Additional References

Docker Port

Realm

Managing Clients Roles

Login Page Settings

Themes

Authentication Flow

User Required Actions

Social Identity Providers

OTP