shibboleth

Shibboleth 4 IDP: Query two different login sources with the Password flow

北战南征 提交于 2021-01-07 02:57:36
问题 I have two login sources (an Active Directory and a local MySQL Database) that each contain different users. I want to configure the Password flow in this way: query the AD first if this succeeds, the user gets logged in if it fails, query the local database and log the user in if this succeeds else, authentication fails How can I achieve that? 回答1: This is the solution I found: inside the file conf/authn/password-authn-config.xml put the following lines or replace if they already exist:

Shibboleth 4 IDP: Query two different login sources with the Password flow

一笑奈何 提交于 2021-01-07 02:55:51
问题 I have two login sources (an Active Directory and a local MySQL Database) that each contain different users. I want to configure the Password flow in this way: query the AD first if this succeeds, the user gets logged in if it fails, query the local database and log the user in if this succeeds else, authentication fails How can I achieve that? 回答1: This is the solution I found: inside the file conf/authn/password-authn-config.xml put the following lines or replace if they already exist:

SAML Request Attributes In AuthnRequest

久未见 提交于 2020-03-18 15:57:11
问题 I kind of understand how basic SAML authentication supposed to work: User request resource at SP SP sends auth request to IDP IDP authenticates user and sends back some userId SP sends attribute query to IDP for additional details with userId IDP sends back attributes SP gives user resource My issue is, can you any way bypass AttributeQuery. When I make a SAML 2.0 request to my testing Gluu/Shibboleth server, I get back givenName (firstname) and sn (lastname). Is there anyway I can request

SAML Request Attributes In AuthnRequest

拜拜、爱过 提交于 2020-03-18 15:56:22
问题 I kind of understand how basic SAML authentication supposed to work: User request resource at SP SP sends auth request to IDP IDP authenticates user and sends back some userId SP sends attribute query to IDP for additional details with userId IDP sends back attributes SP gives user resource My issue is, can you any way bypass AttributeQuery. When I make a SAML 2.0 request to my testing Gluu/Shibboleth server, I get back givenName (firstname) and sn (lastname). Is there anyway I can request

JMeter; session cookie

早过忘川 提交于 2020-03-05 09:52:29
问题 I've seen several JMeter threads that kind of touch on my issue, but none seem to address my specific problem. The problem is - the web-site that I am testing, works like this: A home-page with logon fields, and a submit button. When you first browse to this page in a browser, a PHPSESSID cookie is set (comes down in the Response Header) with a unique Value, to identify the session. When the user clicks on the login button (username and password on this page are irrelevant in the system's

Shibboleth SSO CORS error

非 Y 不嫁゛ 提交于 2020-02-28 09:49:51
问题 Our app(AngularJS + REST) is protected by Shibboleth service provider for SSO. The issue is we are seeing CORS errors when trying to make ajax calls for the REST services, saying the redirect to IDP failed "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at" However if we refresh/reload the browser everything works fine. I believe the cookie is not created first time around, and got created after force reload. Obviously this is not acceptable

Single Sign on using Shibboleth

时光怂恿深爱的人放手 提交于 2020-01-13 19:55:16
问题 I have to implement Single Sign On in my .NET(3.5) project using Shibboleth . Detailed requirement goes this way: 1) I have developped a web application using .NET (3.5) named "abc.com". 2) There are some third party applications which will be launched from "abc.com" 3) If I have logged in to "abc.com" and now if I launch any of the supported third party applications then it should not ask for login information again. From last few days I have been reading Shibboleth from https://spaces