configuration for two unrelated servers
Cantor, Scott
cantor.2 at osu.edu
Fri Mar 15 13:45:37 EDT 2013
On 3/15/13 1:27 PM, "Ewert, Craig" <Craig.Ewert at dish.com> wrote:
>Thanks, Kevin. I thought from first principles that must be the case.
>
>If I only wanted SSO, and could let W handle it's own security, could I
>have the W app send a Shibboleth/Login to A and have A hand back the SAML
>assertions it got from the IdP? In headers, or POST body or any which
>way? A and W are both behind a big ole firewall in a datacenter, so I'm
>not worried about traffic between them.
If you invent a protocol to do it, write all the code, etc, yes. That's
not SAML though. You're building your own SSO protocol.
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPOneMany
-- Scott
More information about the users
mailing list