All Things Techie With Huge, Unstructured, Intuitive Leaps

Getting SSO to work

We recently decided to use for our help desk, knowledge base etc.  Since we want our knowledge base to be private for clients only, Freshdesk requires a login.  We don't want to make our clients log in twice, so Freshdesk has this SSO or Single Sign On token system.

We use Java, and there was a java servlet showing how to sign on with a token.  However the online java in a repository didn't quite work.

Here is a working Java servlet for the Freshdesk SSO token system:

import java.math.BigInteger;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.application.User; (replace with your own user bean)

public class FreshDeskSSOServlet extends HttpServlet {

private static final long serialVersionUID = 7027717204177362374L;
private final String BASE_URL = "baseUrl including trailing slash" + "login/sso";
private final String sharedSecret = "put in shared secret";


public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {

try {
String url = this.getSSOURL();
} catch (Exception e) {

private static String getHash(String text) throws Exception {
    MessageDigest m=MessageDigest.getInstance("MD5");
    return ""+new BigInteger(1,m.digest()).toString(16);

private String getSSOURL() {

String hash = null;
String url = null;
User user; //Get the user details using your current authentication system
String name = "First & Last Name";// Full name of the user
String email = "";// Email of the user
try {
hash = getHash(name + email + sharedSecret);
} catch (Exception e1) {

try {
name = URLEncoder.encode(name);
email = URLEncoder.encode(email);
url = BASE_URL + "?name="+name+"&email="+email+"&hash=" + hash; 

}catch (Exception e) {
//Handle appropriate code
System.out.println("There is an exception while constructing the URL");

return url;


Hope this helps.

No comments:

Post a Comment