I am working on a single sign-on login page using Shibboleth that will be used for a variety of web applications. Obviously we would like to make this page as secure and usable as possible while limiting the effects of phishing scams. What are the best practices to keep in mind when designing a login page? Some questions that have come...
Hi, I have some questions on this topic. Where do I get information about the currently connected user? That is, how does shibboleth pass the information? Can I set some restrictions on actions using [Authorize] attribute based on data acquired from shibboleth? Thanks in advance. Trimack ...
I've got a requirement that a ASP.NET web app use Shibboleth for the authentication. Has anyone done this before? Are there libraries out there to support the method calls? Or is this a Java only thing? ...
I have a Drupal site I am standing up for a client. I've been asked to use Single Sign on using SAML2 (where I would be the service provider and my client would be the identity provider). The best thing I have found so far has been either SimpleSAMLPHP https://ow.feide.no/simplesamlphp:drupal or Shibboleth -- http://drupal.org/proje...
Hi, I am developing a Facebook application to be used in a university (which already has a Shibboleth idProvider and many serviceProviders running). How do I integrate shibboleth into facebook? This is what I want to do: - For someone who is NOT a student, he can only see/use the public data/services. - For students, he can login using...
Has anyone integrated an iPhone application with a Shibboleth Identity Provider? Googling did not come up with anything so I am asking the gurus directly. If it has not been previously dones, is it feasible to do so? ...
I have been trying to understand how this problem is solved for over a month now. I really need to come up with a general approach that works -- I'm basically the only resource who can do it. I have a theory, but I'm just not sure it's the easiest (or correct) approach and I haven't been able to find any information to support my ideas. ...
Hi, I need to integrate shibboleth in my application . My application is .net web application. May I know how to do this one ? I have a separate server (ubuntu server) in which shibboleth idp and sp installed with apache configuration. I made lot of search on this. but I can't able to get the correct information for this one Can anyon...
I will soon need to add SSO to an ASP.NET app using SAML. The client will not provide access to their Shibboleth identity provider for testing, so I'll need to verify that SSO works myself. What would be the easiest method to use/setup a SAML identity provider for testing? I'm not keen on having to setup an infrastructure myself if I ...
As far as I understand there are two ways to get Shibboleth attributes: they are either available on $_SERVER or inside the HTTP header response (of the provider) In the later case, how can I make them available to the application? Even if I catch them once and try to inject them in the server environment with putenv(), it will onl...
In my installation the users login with Shibboleth [1], but the rule [2] I've set up to be executed on "User has logged in" event, isn't executed. On the other hand, when I login as administrator through the normal Drupal way, the rule is executed. Does this mean that the external login event isn't handled at all? Is there a way to ov...