how to use an automated user agent to talk to a shibboleth SP
Andrew Ragusa
aragusa at grnoc.iu.edu
Wed Apr 23 13:50:31 EDT 2014
Hi Scott
That was pretty much the response I expected. I just wanted to verify
that we were not missing anything before I go off and attempt to figure
out how to do all of the ECP parts.
Thanks again
A.J. Ragusa
On 4/23/14 1:46 PM, Cantor, Scott wrote:
> On 4/23/14, 1:25 PM, "Andrew Ragusa" <aragusa at grnoc.iu.edu> wrote:
>>
>> I'm looking to have an automated script pull data from a shibboleth
>> protected web-service. Does anyone have examples on a robust mechanism
>> for this? We have lots of people using their own IdP to talk to our SP
>> and so want something that will mostly just work for everyone, or most
>> users.
>
> No such thing unless you limit the interface to the IdP. The defined way
> to expose an HTTP service but use SAML is the ECP profile, but most IdPs
> don't support it. Likewise, anything else would be screen scraping and
> necessarily specific to some IdP(s).
>
> If you're looking for tools that can help navigate a typical form-based
> login, then webisoget from Jim Fox is one such.
>
> But from the perspective of exposing a service in a formally supported
> sense, allowing for SAML usage, the answer is ECP.
>
> -- Scott
>
>
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>
More information about the users
mailing list