Login box (embedded in external portals outside IdP)

[Paweł Pogoda]

Hi!

I have tried to make authentication on client1 side (of course it's
possible), but I don't know what request should I send to IdP only to
create session cookie in right domain - there is no such API or at least I
was not able to find it. I know that the problem which I try to resolve is
not typical. I hope that I'll be able to convience client to use standard
out of the box solution.

Best Regards
Pawel

2014-05-08 18:00 GMT+02:00 Ian Rifkin <irifkin at brandeis.edu>:

> Hi,
>
> but the problem is with top bar login which is on all public pages - we
>> are not able to "simulate" this on IdP side.
>>
>
> Okay, now we're getting at the root of your requirements. So what you're
> saying is they have a form that appears on all pages that allows you to
> type in your username and password (not a link to a login form)?
>
> e.g. Instead of a login button at the top like http://wordpress.com/ they
> want input fields like viewing a Facebook page not logged in?
>
> As people have said, that isn't the way an IdP is meant to work,* if*you're having the IdP handle the authentication.
>
> The only way I can think to make that work is if the SSO piece is handled
> through that and when they click to login it does the authentication
> *before it hits the IdP* (e.g. setting the username to REMOTE_USER) then
> redirecting to the IdP not for authentication, but just to do whatever
> lookup of information you need on the user before the authorization happens.
>
> I don't think I'm adding anything particularly new to the conversation,
> but your latest email does help explain the client's desires better.
>
> Take care,
> Ian
>
>
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140509/0701c2c5/attachment.html