how to configure Apache with Shibboleth to use ADFS

Luis Rodríguez Fernández uo67113 at gmail.com
Tue Nov 15 08:52:14 GMT 2011


Hi Monty,

I agree with Scott. If you are new to SAML you will need to read a
few docs in order to understand how the standard works. I would
recommend the technical overview: look for
sstc-saml-tech-overview-2.0-cd-02.pdf

If you are a little bit impatient these are the main steps that I
followed (Apache 2.2 with Shibboleth SP, over Ubuntu Natty, and ADFS
2.0 as IdP):

1. Install Shibboleth SP on your machine (apt-get install libapache2-mod-shib2)
2. Configure the Shibboleth module for your Apache
3. Configure the Shibboleth SP. For this step you will need a metadata
file provided for your IdP (ADFS)
4. Register your host in the IdP (here I cannot help you much, for
us the IdP is a black box...)

Enabling SSL on the Apache web server is a must!

In this link you have everything really well explained:
http://dev.e-taxonomy.eu/trac/wiki/ShibbolethSP2InstallDebianLenny
(thank you guys!)

Hope it helps,

Luis



2011/11/14 Cantor, Scott <cantor.2 at osu.edu>:
> On 11/14/11 1:45 PM, "Monty wig" <montywig at gmail.com> wrote:
>>
>>I am a newbie to Shibboleth and working on a project where I need to set
>>up Apache with Shibboleth to get authenticated by ADFS and wondering if
>>anyone has ever done it before and can provide some inputs where to start
>>and how...
>
> If you're new to SAML in general, you need to digest a lot of conceptual
> bits to understand the interop issues involved, or you're likely to
> struggle. Starting with a pure Shibboleth environment and/or testshib.org
> as an IdP is a better starting point.
>
> The specific issues associated with ADFS are to some extent documented in
> the wiki (search yourself, link not handy). Microsoft has a white paper on
> the subject, but it's very much overly complicated.
>
> -- Scott



-- 
"The ways of the user are inscrutable…"

-- Rick Cook
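
For step 3 above, a pre-flight check on the IdP metadata file before the SP is pointed at it. This is an added example, not part of the original post or of Shibboleth's own code; the host `adfs.example.org`, the function name `check_idp_metadata` and the sample metadata are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
NS = {"md": MD, "ds": "http://www.w3.org/2000/09/xmldsig#"}
SAML2 = "urn:oasis:names:tc:SAML:2.0:protocol"

# Constructed sample, trimmed to the parts the check reads; not real ADFS output.
SAMPLE = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="http://adfs.example.org/adfs/services/trust">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <X509Data><X509Certificate>PLACEHOLDER</X509Certificate></X509Data>
      </KeyInfo>
    </KeyDescriptor>
    <SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://adfs.example.org/adfs/ls/"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def check_idp_metadata(xml_text):
    """Return (entityID, sso_endpoints, problems) for one EntityDescriptor."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % MD:
        return None, [], ["root element is not md:EntityDescriptor"]
    entity_id = root.get("entityID")
    idp = next((d for d in root.findall("md:IDPSSODescriptor", NS)
                if SAML2 in d.get("protocolSupportEnumeration", "").split()), None)
    if idp is None:
        return entity_id, [], ["no IDPSSODescriptor advertising SAML 2.0"]
    # The SP checks signatures against the keys published here;
    # a KeyDescriptor without a "use" attribute counts for signing too.
    certs = [c for k in idp.findall("md:KeyDescriptor", NS)
             if k.get("use") in (None, "signing")
             for c in k.findall(".//ds:X509Certificate", NS)]
    problems = [] if certs else ["no signing certificate in IDPSSODescriptor"]
    endpoints = [(s.get("Binding"), s.get("Location"))
                 for s in idp.findall("md:SingleSignOnService", NS)]
    if not endpoints:
        problems.append("no SingleSignOnService endpoint")
    for _, loc in endpoints:
        if not (loc or "").lower().startswith("https://"):
            problems.append("SSO endpoint is not HTTPS: %s" % loc)
    return entity_id, endpoints, problems


if __name__ == "__main__":
    print(check_idp_metadata(SAMPLE))
```

An empty problems list means the file carries what the SP needs from a SAML 2.0 IdP: an entityID, a signing key and an HTTPS sign-on endpoint.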

