Breadcrumb
- Sabre Red 360 Software Development Kit Help
- Desktop Red Apps
- Communications in Red Apps
- Single Sign-On
- Single Sign-On Service Cookbook
Single Sign-On Service Cookbook
This cookbook shows how to set up Single Sign-On access and use it for user’s authentication on your server side.
Problem
-
You have a web service responsible for providing data (for example customer profile) or performing a complex bussiness logic (like charging), requiring authentication before usage. Your Red App needs to call this web service.
-
You want your web service to create a session automatically when a user is signed-in to Sabre Red 360, instead of asking him for additional sign-in.
Solution
We recommend you use the Single Sign-On service, using SAML standard, provided by Sabre to avoid asking user for password again as one is signed-in to SR360. The following diagram illustrates the general concept of authentication when using Single Sign-On service:

As you can see the process contains the following steps:
-
Your Red App generates an assertion by calling Single Sign-On Service Client - your Red App triggers generating an assertion.
-
Your Red App sends the assertion to your Web Service asking for the authentication.
-
Your Red App Web Service calls Single Sign-On Validation Service to check if the assertion is correct and valid.
-
Your Web Service creates a session ID and returns it back to your Red App - your Web Service creates a user session based on the data provided in the SAML assertion.
Generating the assertion
Sabre provides an API for generating assertions for Java and Javascript. Before you use it, make sure you have added the authorization tag to your redapp.xml file:
<Authorization name="com.sabre.edge.cf.sso.SsoService" threshold="10" metric="tpm" />
Using Java API
Add a dependency to the following plugins:
-
com.sabre.edge.cf.core
-
com.sabre.edge.cf.model
-
com.sabre.edge.cf.sso
And use the following code:
ISRWCommunication communication = Activator.getDefault().getServiceReference(ISRWCommunication.class);
SsoServiceClient client = new SsoServiceClient(communication);
String serviceProvider = "http://redApps.test.sp.int.sabre.com";
Map <String, String> parameters = new HashMap <String, String>();
parameters.put("street", "3150 Sabre Drive");
SsoRequest request = new SsoRequest(serviceProvider, parameters);
ClientResponse <SsoResponse> response = client.send(request);
if (response.isSuccess()) {
String assertion = response.getPayload().getAssertion();
// Process the assertion
} else {
// Process errors
}
Using Javascript API
Add a dependency to the com.sabre.edge.platform.optional.webkit plug-in and use the following code snippet:
const serviceProvider = 'http://sampleredapp.dev.sabre.com';
const parameters = [['street', '3150 Sabre Drive']];
const serviceResponse = SrwApi.sso(serviceProvider, parameters);
const response = JSON.parse(serviceResponse)
if (response.response.success === true) {
const assertion = response.response.payload.assertion;
// Process the assertion
} else {
// Process errors
}
Assertion Validation
Information about available ways to validate SAML assertions can be found here.
Sample implementation
See the com.sabre.redapp.example3.desktop.sso sample for implementation.