Welcome to the world of easy SSO integration with cbSSO! In this talk we will cover Ortus’ new free and open-source module for single sign on. This module makes integrating SSO into your app as simple as it can be. We will cover registering a few common providers like Microsoft, Facebook, and GitHub as well as how to write a custom integration to suit your particular application.

1. Simplifying Authentication
Get Started With Single Sign-On Today!

2. Hi, my name is Jacob
Section 2
Fse
● Kansas City, MO
● Wife and 3 boys
● On my second year at Ortus
● Author of cbSSO
● Full of regrets about this template
(I’m sorry, I made a bad choice in a
moment of weakness)
https://github.com/jbeers

3. Jan
100
90
80
70
60
50
40
30
20
10
0
Feb Mar Apr May Jun
Single Sign-Ons
cbSSO Projections Pain & Suffering
Section 12
Section 3

4. What I hope you get out of this
Understand what single sign-on is and is-not
Section 12
Section 4
Know If cbSSO is right for you
Feel like you could implement cbSSO right now

5. Content Outline
⬤ What Exactly is SSO?
What problem does it solve?
⬤ Key Definitions
An overview and examination of
SSO language.
⬤ Various Implementations
oAuth2, SAML, openID
⬤ Why cbSSO?
What problem it solves and its
purpose.
⬤ Module Installation
Installing, configuration,
implementation.
⬤ Providers
Overview of stock providers and
custom provider tools.
⬤ Project setup
Start with a fresh repo.
⬤ Walkthrough Initial Setup
What it takes to integrate cbSSO
into a ColdBox app.
⬤ Integrating with cbSecurity
Streamlining the whole thing.
Intro to SSO cbSSO Overview Demo
Section 5

6. Interjection!
Section 12
cbSSO Overview 6
Let’s make sure everyone is on the same page about cbSSO.
ColdBox is required
cbSecurity is not required
it makes it much better though
Not yet BoxLang certified
But very close!
Forgebox Page:
forgebox.io/view/cbsso
GitHub Repo:
github.com/coldbox-modules/cbSSO
Demo Project:
github.com/jbeers/cbsso-demo

7. What is Single Sign-On ?
Single Sign-On (SSO)
is an authentication scheme that
allows a user to log in with a
single ID to any of several
related, yet independent,
software systems.
- Good ol’ Wikipedia
Intro to SSO 7

8. Key Definitions
The application that will authenticate the user
and share their information with your system.
Usually Google, GitHub, Microsoft, etc…
Answers the question “Who are you?”.
The Identity Provider provides the
answer.
Authentication
Authorization
The application providing a service to
the user. Probably your application.
Identity
Provider
Service
Provider
Answers the question “What can you
do?”. The Service Provider (your app)
does determines the answer.
Section 12
Intro To SSO 8
The user who is granting access to
data about themselves.
Resource
Owner

9. Common SSO Implementations
oAuth2
SAML
OpenID
Technically this is only an authorization framework. Often used with
OpenID but not required.
Security Assertion Markup Language - an XML based standard used
for authentication and authorization. Used by the Microsoft Entra
provider.
An authorization framework used for identifying a user and sharing
their information with another system.
Section 12
Intro To SSO 9

10. Why cbSSO?
The cbSSO module provides a
convenient way to integrate with
various Identity Providers.
Tightly integrates with ColdBox
so you don’t have to worry about
application flow.
cbSSO Overview 10

11. Module Installation
Section 12
cbSSO Overview 11
1. Visit the docs - https://cbsso.ortusbooks.com
2.
3. Module configuration
4. Implement in app - more on this later!

12. SSO Providers
Section 12
cbSSO Overview 12
Provided providers
● FacebookProvider
● GitHubProvider
● GoogleProvider
● MicrosoftSAMLProvider
Or…
Build your own!
Brownie points if you can
guess where I screenshotted
these from!

13. Demo Time!
cbSSO Overview 13