Shibboleth IdP configuration with simplified backend
Cantor, Scott
cantor.2 at osu.edu
Wed Apr 30 11:50:30 EDT 2014
On 4/30/14, 11:18 AM, "Marek Denis" <marek.denis at gmail.com> wrote:
>
>@Kevin - ECP on testshib.org is a great news. I will not have to spend
>time on my own IdP (which i don't really need).
I don't know if the IdP has it enabled, what Kevin specifically mentioned
was the SP.
>Now, since some people started mentioning different authn mechanisms -
>is HTTP Basicauth a most popular authn mechanism with user/password
>involved? Doesn't ECP itself include some authn mechanism?
No, ECP is SOAP over HTTP, which means authentication is left to SOAP or
HTTP. That includes a hundred or more possibilities. The only conceivable
common denominator is basic-auth and client TLS.
>And lastly, my initial question concerned backends sitting behind IdP.
>So, as I needed a very simple IdP I was asking if there are other
>configs/plugins for setting up Shibboleth IdP with something but LDAP
>underlying. LDAP is probably not very easy to setup and configure,
>especially given the fact I have never done this before :-)
Kerberos is certainly easier.
-- Scott
More information about the users
mailing list