dkeisen

Reputation: 73

Shibboleth Identity Server using External Shibboleth Identity Server for Authentication

I am designing a service to handle authentication across a number of hosted platforms. This service will need to be able to manage a number of different protocols for the users: LDAP, Shibboleth, no doubt others.

I was hoping to use the Shibboleth protocol internally and run the service as a Shibboleth IdP where, depending on user category, nature of the protected resource, etc., the hard work of the authentication is passed on to the native LDAP, Shibboleth, or other server where the user already has an account.

It seems as though this should be possible, but I have not gotten sufficient clarity from the Shibboleth documentation to work out whether it is, let alone how to do it.

Is this possible? How do I do it? Useful documentation very much appreciated.

Upvotes: 1

Views: 517

Answers (1)

user353829

Reputation: 1434

Shibboleth is not a protocol; it is the name of the software stack that uses the SAML protocol.

Shibboleth can authenticate users from LDAP, AD (and database via a JAAS plugin).

Documentation on hooking up Shibboleth to use LDAP for authentication and attribute retrieval is at: https://wiki.shibboleth.net/confluence/display/SHIB2/ResolverLDAPDataConnector

Upvotes: 1
