SAML/SSO Authentication and Conan in Nexus Repository 3.22

Introducing the release of Nexus Repository 3.22. Our product teams are excited to announce SAML/SSO authentication for Nexus Repository Pro. In addition to SAML/SSO, this release includes proxy support for Conan native format in both Nexus Repository Pro users and our free version, Nexus Repository OSS. Conan is the decentralized, portable, and extensible package manager for C/C++ projects.

Amidst much anticipation, Nexus Repository Pro now provides users the ability to authenticate with Security Assertion Markup Language (SAML) identity providers. Using SAML, users can now experience single sign-on (SSO) when logging into the Nexus ecosystem. In the reading ahead, we will ‘pop the hood’ on SAML to learn how it works with Nexus Repository Pro, what benefits users can gain setting up the SAML integration, and key highlights for both Nexus Repository admins and developers.

SAML and Nexus Repository Pro

To begin, below is a list of what is being delivered for SAML/SSO support in Nexus Repository Pro. For helpful tutorial information, check out the SAML Quick Start Guide covering step-by-step instructions on how to set up and configure SAML and Single Sign-On functionality in Nexus Repository Pro.

Nexus Repository Admin

  • SAML Security Realm
  • SAML IdP Config Page
  • SAML Service Provider Metadata Endpoint
  • SAML User Management

Nexus Repository User

  • SAML Single Sign On Experience

SAML is designed to secure browser-based interactions. SAML is an XML-based, open standard that enables single sign-on (SSO) to web- and cloud-based applications and services. Configuring the SAML integration, Nexus Repository Pro users have the ability to use a single set of login credentials to access Nexus Repository and other enterprise applications. The workings of SAML support in Nexus 3.22 illustrates the interaction between a SAML service provider (SP), in this case Nexus Repository Pro application, and an identity provider (IdP).

A full list (Read more...)

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Brent Kostak. Read the original post at: