52°North WAS: Authenticate users and return a SAML ticket

The 52°North Web Authentication Service (WAS) provides a standardized means to authenticate users (or, more generally, clients). On successful authentication it returns an authentication assertion that complies with SAML (Security Assertion Markup Language). This XML-formatted, digitally signed document may serve as a general proof of a client's identity for any application. In the 52°North Security System suite, the "SAML ticket" is the standard way to authenticate at a WSS to get access to a protected service.

The WAS specification does not dictate the kind or format of the user repository that is used to authenticate users. It is also designed to support any kind of authentication method (password-based, signature cards, etc.). Of course, the 52°North implementation of the WAS can only implement a small selection of the possible methods and user repositories. The current implementation supports:

Authentication methods

  • password-based authentication

User repositories

  • custom XML file where users/password/roles are defined (default)
  • custom SQL database, accessible via JDBC

The WAS implementation makes it easy to support more than the currently available authentication methods and user repositories. Go here to see how to bind your own implementations.

The WAS provides a simple HTTP GET/POST based protocol that is described here.