Stack Overflow
Stack Overflow

Questions tagged [shibboleth]

A standards based, open source software package for web single sign-on across or within organizational boundaries.

The Shibboleth software implements widely used federated identity standards, principally OASIS' Security Assertion Markup Language (SAML), to provide a federated single sign-on and attribute exchange framework.

Shibboleth also provides extended privacy functionality allowing the browser user and their home site to control the attributes released to each application.

Using Shibboleth-enabled access simplifies management of identity and permissions for organizations supporting users and applications.

Shibboleth is developed in an open and participatory environment, is freely available, and is released under the Apache Software License.

559 questions
6
votes
1 answer

Securing Node JS API with JWT Token + Shibboleth SSO

My Question: How do I Secure my Node JS API with JWT Token having Shibboleth SSO as the Authentication mechanism? [MY APPLICATION FLOW] I have an AngularJS App and a Back-End Node JS App. AngularJS App communicates with the Back-End App through…
Ankit Prajapati
  • 1,425
  • 3
  • 14
  • 22
6
votes
1 answer

asp.net MVC authentication with Shibboleth

Shibboleth is a SSO Authentication that is added to IIS as a "plugin". After a user has done a Login there are Headers showing the Shibboleth Session: ShibSessionID ShibIdentityProvider eppn affiliation entitlement unscopedaffiliation ...more So i…
grunge
  • 135
  • 1
  • 1
  • 8
6
votes
2 answers

Shibboleth authentication in Rails

I am having a struggle getting this to work so I've created a hell-world Rails app to try and get this to work. Here's the repo with the code that is not working: https://github.com/pitosalas/shibtry Here's what I've done starting from an empty…
pitosalas
  • 10,286
  • 12
  • 72
  • 120
6
votes
1 answer

SP metadata: certificate for signing and encryption

The specification says that: Metadata for the OASIS Security Assertion Markup Language (SAML) V2.0 2.4.1.1 Element The element provides information about the cryptographic key(s) that an entity uses to sign…
user1134181
6
votes
1 answer

Unable to locate metadata for identity provider

I'm trying to configure both Shibboleth service provider and identity provider on localhost for testing purposes. The problem is that I'm getting "unable to locate metadata for identity provider" error when trying to access a protected resource.…
Vsevolod
  • 512
  • 1
  • 5
  • 16
6
votes
1 answer

Any java application for Shibboleth Authentication?

I want to use shibboleth authentication for my web application. Is there any sample java application which tell how to use shibboleth authentication step by step. I have installed shibboleth but still didn't get idea how to use it.
bawlo
  • 107
  • 3
  • 10
5
votes
1 answer

Differences between SAML/OpenSAML/Shibboleth and OAuth/OpenId

1) I don't concretely underdstand fundamental differences between SAML and OAuth. OAuth is for authorization but OpenId for authentication too and SAML both authorization and authentication ? And why to use a combination of both technologies ? 2)…
Danton
  • 221
  • 2
  • 13
5
votes
2 answers

Saml SSO with mobile client

I have many questions regarding SAML and it's implementation through Shibboleth. I've done a fair amount of research and I would like to clarify a few things. I have a mobile application that communicates with our server. An enterprise customer of…
EK_AllDay
  • 1,095
  • 2
  • 15
  • 35
5
votes
1 answer

Symfony Guard Component and Stateless Authentication (Shibboleth)

It was required that my application uses a SSO Service called Shibboleth. So I used the existing shibboleth-bundle. Things have changed and we need to add a form authentication method for the user. So I decided to implement Shibboleth authentication…
Gerd Rönsch
  • 63
  • 4
5
votes
3 answers

Catch 302 with Apache and return 401 instead

We currently have a shibboleth implementation that protects a certain path. However, because this path is actually an HTTP request (made with an AngularJS app using $http), shibboleth will try to "redirect" this request to the Identity Provider, but…
jlewkovich
  • 2,725
  • 2
  • 35
  • 49
5
votes
1 answer

Verify Signature of SAML Response

I'm trying to follow the following spec to verify the signature of the SAML response: https://www.w3.org/TR/xmldsig-core/#sec-PKCS1 Here is my workflow: I get the SAML Response. I get rid of the signature envelope, I canonicalize it, I check the…
jn1kk
  • 5,012
  • 2
  • 45
  • 72
5
votes
2 answers

SAML Request Attributes In AuthnRequest

I kind of understand how basic SAML authentication supposed to work: User request resource at SP SP sends auth request to IDP IDP authenticates user and sends back some userId SP sends attribute query to IDP for additional details with userId IDP…
jn1kk
  • 5,012
  • 2
  • 45
  • 72
5
votes
1 answer

In an multi-tenant enviroment how can I provide different metadata for different Service Providers at runtime on different urls (subdomains)?

Working on SP initiated Single Sign On (SSO) with both SP and IdP are self-hosted thus have flexibility of editing both. I am using spring-security-saml2-core-1.0.1.RELEASE for hosting spring application (spring-security-3.2.8,…
shagun akarsh
  • 159
  • 2
  • 14
5
votes
1 answer

How do I set up a Shibboleth 3 identity provider?

Edit So, I think I'm almost there. The only thing still missing is that Shibboleth IdP returns an encrypted, transient NameId, and I need for it to return the user name, unencrypted. If anyone can get me past this last blocker, I will mark that…
JMarsch
  • 21,484
  • 15
  • 77
  • 125
5
votes
1 answer

Unexpected stack trace form Spring-Security-SAML when generating SP metadata?

I am attempting to integrate spring-security-saml with an existing application to allow that application to act as a service provider. Unfortunately, I can't seem to get the metadata filter to work. The webapp boots up without any fuss, but when I…
Tinned_Tuna
  • 237
  • 1
  • 12
1 2
3
37 38