Using a Basic Template in FreeForm Designer

This section describes how to use a basic template in freeform designer to set up SSO. For more information about setting up and testing SSO, see Single Sign-On and Cross-Domain Single Sign-On.

Use a Basic Template in FreeForm Designer

  1. In IG Studio, create a route:

    1. Go to http://openig.example.com:8080/openig/studio, and select Create a route.

    2. Select Freeform to use the freeform designer.

  2. Select Basic to create a route from a blank template.

  3. Select Advanced options on the right, and create a route with the following options:

    • Base URI: http://app.example.com:8081

    • Condition: Path: /home/sso-ff

    • Name: sso-ff

    The route is displayed on the Flow tab of the canvas. Select the All Objects tab to view a list of objects in the route.

    Double-click on any object to review or edit it. After double-clicking on an object, select the Decorations tab to decorate it.

  4. Configure authentication with a SingleSignOnFilter:

    1. Select the Flow tab, and delete the connector between Start and ReverseProxyHandler.

    2. From the side bar, drag a Chain onto the canvas, and then drag a SingleSignOnFilter into the chain.


    3. In the Edit SingleSignOnFilter page, click , and create an AM service, with the following values:

      • URI: http://openam.example.com:8088/openam

      • Agent: The credentials of the agent you created in AM.

        • Username: ig_agent

        • Password: password

    4. Connect Start to Chain-1, and Chain-1 to ReverseProxyHandler.


  5. On the top-right of the screen, select and Display to review the route.

    The following route is displayed: 

    {
  "name": "sso-ff",
  "baseURI": "http://app.example.com:8081",
  "condition": "${matches(request.uri.path, '^/home/sso-ff')}",
  "handler": "Chain-1",
  "heap": [
    {
      "name": "ReverseProxyHandler",
      "type": "ReverseProxyHandler"
    },
    {
      "type": "BaseUriDecorator",
      "name": "baseUri"
    },
    {
      "type": "TimerDecorator",
      "name": "timer",
      "config": {
        "timeUnit": "ms"
      }
    },
    {
      "type": "CaptureDecorator",
      "name": "capture",
      "config": {
        "captureEntity": false,
        "captureContext": false,
        "maxEntityLength": 524288
      }
    },
    {
      "name": "Chain-1",
      "type": "Chain",
      "config": {
        "handler": "ReverseProxyHandler",
        "filters": [
          "SingleSignOnFilter-1"
        ]
      }
    },
    {
      "name": "AmService-1",
      "type": "AmService",
      "config": {
        "url": "http://openam.example.com:8088/openam",
        "realm": "/",
        "agent": {
          "username": "ig_agent",
          "password": "password"
        },
        "sessionCache": {
          "enabled": false
        }
      }
    },
    {
      "name": "SingleSignOnFilter-1",
      "type": "SingleSignOnFilter",
      "config": {
        "amService": "AmService-1"
      }
    }
  ]
}

  6. Select Deploy to push the route to the IG configuration.

    You can check the $HOME/.openig/config/routes folder to see that the route is there.

Read a different version of :