how to use an automated user agent to talk to a shibboleth SP
Cantor, Scott
cantor.2 at osu.edu
Wed Apr 23 13:46:48 EDT 2014
On 4/23/14, 1:25 PM, "Andrew Ragusa" <aragusa at grnoc.iu.edu> wrote:
>
>I'm looking to have an automated script pull data from a shibboleth
>protected web-service. Does anyone have examples on a robust mechanism
>for this? We have lots of people using their own IdP to talk to our SP
>and so want something that will mostly just work for everyone, or most
>users.
No such thing unless you limit the interface to the IdP. The defined way
to expose an HTTP service but use SAML is the ECP profile, but most IdPs
don't support it. Likewise, anything else would be screen scraping and
necessarily specific to some IdP(s).
If you're looking for tools that can help navigate a typical form-based
login, then webisoget from Jim Fox is one such.
But from the perspective of exposing a service in a formally supported
sense, allowing for SAML usage, the answer is ECP.
-- Scott
More information about the users
mailing list