Stack Overflow
Stack Overflow

Questions tagged [shibboleth]

A standards based, open source software package for web single sign-on across or within organizational boundaries.

The Shibboleth software implements widely used federated identity standards, principally OASIS' Security Assertion Markup Language (SAML), to provide a federated single sign-on and attribute exchange framework.

Shibboleth also provides extended privacy functionality allowing the browser user and their home site to control the attributes released to each application.

Using Shibboleth-enabled access simplifies management of identity and permissions for organizations supporting users and applications.

Shibboleth is developed in an open and participatory environment, is freely available, and is released under the Apache Software License.

559 questions
0
votes
0 answers

drupal mod_rewrite, add an exception for path/module

I have a Drupal installation configured with shib_auth and some mod_rewrite rules in the top level directory to ensure that users hiting the site are signed in. This is working correctly. But I have one module that provides a sort of API which is…
Kirby
  • 155
  • 7
0
votes
1 answer

Getting Claims from ADFS 3.0 and Displaying To Shibboleth 2.6 Service Provider (SP) in SAML 2.0

I'm trying to configure Windows Server 2012 r2 ADFS 3.0 to send the NameID to Shibboleth 2.6 SAML 2.0 SP, but I keep on getting these errors: 2016-11-15 10:07:07 WARN Shibboleth.AttributeResolver.Query [1]: can't attempt attribute query, either no…
Franz Noel
  • 1,820
  • 2
  • 23
  • 50
0
votes
1 answer

Remove Federation Errors in SAML 2.0 and ADFS 3.0

I am setting up ADFS 3.0 and SAML 2.0 using Shibboleth as a Service Provider (SP). I have successfully imported the certificates to ADFS. The ADFS Claims Provider (or ADFS IDP) login page works, because the user is redirected…
Franz Noel
  • 1,820
  • 2
  • 23
  • 50
0
votes
1 answer

How to read webserver environment variables using Apache TomEE?

I am planning to use the Shibboleth SSO Service Provider in my application, which is explained here. It is mentioned, that after a successful login, user information can be "read from the webserver environment, e.g. with $_SERVER['mail'] in PHP".…
user2035039
  • 961
  • 3
  • 16
  • 30
0
votes
1 answer

Shibboleth - certificate name was not acceptable

I am using my SP to authenticate with TestShib IDP. After logging in on the IDP, on the SP Side I get this error Unable to establish security of incoming assertion. From the shibd.log I see 2016-11-03 11:30:34 ERROR XMLTooling.TrustEngine.PKIX…
SteeleDev
  • 169
  • 1
  • 3
  • 12
0
votes
1 answer

Adding Shibboleth authentication to Symfony

I've been developing a Symfony app (learning Symfony with the goal of replacing an existing "old school" PHP script with it) and am having an issue with putting it "behind" our Shibboleth authentication. Why do that? For this app I need…
Stephen Spencer
  • 1
  • 1
0
votes
1 answer

shibboleth: resolving attributes based on multiple LDAP attributes

Using Shibboleth, is it possible to configure attribute-resolver.xml to set and release an attribute based on the existence of multiple LDAP attributes? For example, I want to release an "email" attribute to the service provider: if LDAP has an…
Micho Rizo
  • 1,000
  • 3
  • 12
  • 27
0
votes
1 answer

Shibboleth return username as HTTP Header instead of SAML attribute

Shibboleth IDP and SP are talking great and the data I need is in the SAML. What configuration is required for allowing shibboleth to return an HTTP Header with the info I need(yes I know it's a bad idea but don't have a choice). I'm running SP 2.6…
Eric Nord
  • 4,674
  • 3
  • 28
  • 56
0
votes
1 answer

PHP wants Shibboleth attributes in $_SERVER but they are only in Provider's HTTP response headers

As far as I understand there are two ways to get Shibboleth attributes: they are either available on $_SERVER or inside the HTTP header response (of the provider) In the later case, how can I make them available to the application? Even if I…
Paul Syrus
  • 21
  • 2
0
votes
1 answer

Passing shibboleth sp attributes to application on Jetty with Apache as proxy

I have a few spring boot applications running on Jetty embedded. And I have Shibboleth SP running on Apache server. I am able to pass assertion attributes to Tomcat via AJP, but, since Jetty9 doesn't support AJP anymore, I can't do the same. I want…
Avinash K
  • 65
  • 11
0
votes
3 answers

Shibboleth SP - Reading assertion attributes from Java

I understand that configured attributes will be stored as environment variables by default and will be accessible like request.getAttribute("Shib-Identity-Provider") I tried that and after some googling I understood that to access them in Java…
Avinash K
  • 65
  • 11
0
votes
1 answer

SAML vs. CAS / Shibboleth

I am evaluating different protocols and software packages for my SSO project and I was thinking about the pros and cons of making an SSO system with SAML and one with something like CAS or Shibboleth. I couldn't really find any reason why I should…
yemerra
  • 1,352
  • 4
  • 19
  • 44
0
votes
2 answers

Install IIS alongside ADFS 3.0

I understand ADFS 3.0 has removed the need for IIS and that it's run directly out of HTTP.SYS now. So does this mean it's not even possible to add IIS back so one could implement a custom FormsAuth (web forms) type integration as you used to be able…
Matt Borja
  • 1,509
  • 1
  • 17
  • 38
0
votes
0 answers

JWT for Angular2 and Laravel

Is there any plugin that uses JWT for authentication with Laravel and angular? The authentication should be done by a 3rd party like Shibboleth.
shaswa
  • 335
  • 4
  • 14
0
votes
0 answers

shibboleth saml response attributes not is servervariables in Application_PostAuthenticateRequest

scenario: 1. "Host name="sp.edu" authType="shibboleth" scheme="http" requireSession="true"> " when pinged back with /Shibboleth.sso/SAML2/POST, Chrome shows saml response data and all the attributes declared in the attribute-map.xml in…
Juan Fiat
  • 1
  • 1
1 2 3
37 38