0

I have to implement single sign-on in a ReactJs application where it's back-end is in python?

  1. using pingFederation - checking user authentication.
  2. then redirect to "React application" login page with SAML response. By hitting a POST request on login page

Please help me to handle this SAML response at my application login page. I am stack here to handle/get SAML response.

how do I configure shibboleth as a service provider?

Please share your thoughts.

Thank you

Amit Maan
  • 85
  • 9
  • 1
    You're using PingFederate as the IdP (identity provider). SAML should be sent to an SP (service provider) that converts the SAML assertion into something that your app can handle. SAML should not be verified in your application, because that requires you to share way too much of the security mechanism with the end user-agent. Instead, you should switch to a more appropriate protocol, such as OIDC or OAuth. Your IdP, using PingFed, can support all of these authentication and authorization mechanisms. Your alternative is to actually stand a SAML SP in your backend. – Andrew K. Nov 12 '20 at 17:33
  • I think "shibboleth" will manage this – Amit Maan Nov 17 '20 at 12:24
  • Then you should change your question and ask "how do I configure shibboleth as a service provider" or "how do I configure shibboleth to feed attributes to my application". – Andrew K. Nov 17 '20 at 12:34

1 Answers1

1

Only React application cannot do that. You need some backend.

If you are using SAML to connect then Shibboleth SP is a good choice.

Preferably Apache HTTPD server and java application.

Something like this

Akshay
  • 3,558
  • 4
  • 43
  • 77