Firelay Single sign-on:
Sign in once for access to Liferay and all your other applications

With Firelay Single sign-on, we provide you with an SSO solution that integrates Liferay and your LDAP or Active Directory.

You can benefit from central user management and central authorization, while your users have the luxury of only needing to remember one account for all connected applications and use central authentication to only log in once.

Firelay SSO runs safely in the private Firelay Private cloud. We monitor your services 24x7x365, we perform updates and we apply security patches immediately upon release.

Our solution includes the setup and configuration of an OpenAM or CAS SSO server, supporting standards like OAuth, SAML and OpenID, and our experts will help you to connect this your LDAP and Liferay.

Team member Lex van Sonderen

Lex van Sonderen

General Manager
+31 6 4560 8868

LinkedIn Twitter
Our Liferay hosting solutions
Liferay managed hosting On-Premises Liferay managed hosting in the Firelay Private Cloud Liferay on Platform as a Service
On-Premises Private Cloud PaaS


With Single sign-on users only have to log in once to access all the applications.

The benefits of Single sign-on

SSO lets you connect an unlimited number of applications with your LDAP as a basis, while keeping it manageable. It lets you use the best-of-breeds to create your own suite.

The benefits include:

  • One set of credentials to rule them all: no more post-its for passwords, using the same password everywhere and less I-forgot-my-password-calls to service desks.
  • Log in once and get access to all connected applications without getting prompted with other login screens.
  • Central user management: LDAP becomes the one and only truth.
  • Central authorization: manage access and permissions in once place.

See Sander's presentation on Liferay, LDAP and SSO

What is Firelay Single sign-on?

Introducing Single sign-on in to an organization is never straight forward. There are always organization specific requirements or legacy systems to take into account. Therefore we will first get in touch with you to discuss your exact needs. After that Firelay will:

  • Setup a Single sign-on server (OpenAM, CAS), the basis of our solution, including monitoring.
  • Style the login-page according to your style guide/CSS, so it seems like part of your existing applications.
  • Connect your SSO server to your LDAP or Active Directory.
  • Configure your Liferay to work with OpenAM or CAS and LDAP so Liferay uses the groups and roles from your LDAP.
  • Maintain the SSO server using monitoring, and by applying updates and security patches.

Firelay SSO integrates with your existing infrastructure (LDAP or Active Directory) and maps groups and roles to Liferay.

Applied SSO technologies

For our Single sign-on solutions we trust in the following technologies covering a variety of authentication methods:

  • OpenAM - open source access management solution, part of Forgerock's Open Identity stack. OpenAM includes SSO, authorization and authentication and lots more. Standards like OAuth 2.0, OpenID Connect, SCIM and SAML are supported with OpenAM as is adaptive and strong (two factor) authentication. 
  • Central Authentication Service (CAS) - SSO protocol originally created by Yale University and comes with an open source Java server component. Liferay has out-of-the-box support for CAS.
  • OpenDJ - LDAP component of Forgerock's Open Identity Stack which integrates seamlessly with Liferay and OpenAM. 

Start using Liferay with SSO