Integration of facebook/Google with Shibboleth

Zico mailzico at gmail.com
Mon Feb 27 04:54:09 EST 2017 

Abdul,

You might check Gluu products. It has free community edition available
which you can try, including Shib v2 and v3, OpenID Connect, CAS, 2FA etc.
As well, social authentications are being achieved there as well. Here is
the link: https://www.gluu.org/ and docs: https://gluu.org/docs/

On Mon, Feb 27, 2017 at 3:42 AM, abdul waheed <abdulwaheed18 at gmail.com>
wrote:

> Thanks Liam for the Response.
>
> I am more into either Open source products or some ideas so that we can
> implement myself. I checked Cognito and SimpleSAMLphp but I cannot go with
> paid products and cannot rely on SimpleSAMLphp as it was last updated some
> 4 years back.
>
> Can we do something similar into our Shibboleth Idp by having custom
> Servlet like facebook servlet which will Sp request to FB request and after
> authorization sends it back the SAML response to Idp?
>
> Plese, let me know if there is something else I can think of.
>
> Regards,
> Abdul Waheed.
>
>
>
> On Tue, Feb 21, 2017 at 8:42 PM, Liam Hoekenga <liamr at umich.edu> wrote:
>
>> If you control the application, and can implement support for additional
>> protocols, you could modify the application to support SAML and OAUTH/ OIDC
>> / Facebook.  I've been kind of curious about AWS's "Cognito" service -
>> https://aws.amazon.com/cognito/
>>
>> If you want to do it all via SAML, you'll need to set up a proxy server
>> that can translate OAUTH2/OIDC and Facebook Connect into SAML.
>>
>> You can do it yourself (SimpleSAMLphp is a popular base for this kind of
>> thing), or you can buy a solution.  CirrusIdentity offers a "social to
>> SAML" gateway service - http://www.cirrusidentity.com/
>>
>> Liam
>>
>>
>>
>>
>> On Tue, Feb 21, 2017 at 4:47 AM, abdul waheed <abdulwaheed18 at gmail.com>
>> wrote:
>>
>>> Hi All,
>>>
>>> I have a setup where my application is protected by Shibboleth and am
>>> using Discovery Service to support multiple Idp like Shibboleth IDP and
>>> ADFS and everything are working absolutely fine.
>>>
>>> Now, I want to integrate my application with a social login so that
>>> users can login from facebook/Google. I have checked G suite which supports
>>> SAML but seems like it only supports custom domain and a user cannot use
>>> its private Gmail account and similarly facebook implementation is not
>>> straightforward.
>>>
>>> I thought of adding one gateway which will come between SP and social
>>> login like facebook convert SAML authn request to Non-SAML request and
>>> after authentication, the same gateway will convert back into SAML response
>>> so that Shibboleth session get created after facebook login and SSO will
>>> work seamlessly.
>>>
>>> Can someone give some pointer where a user can login via facebook/Google
>>> and it should also support SSO?
>>>
>>>
>>> Thanks,
>>> Abdul.
>>>
>>>
>>>
>>> --
>>> To unsubscribe from this list send an email to
>>> users-unsubscribe at shibboleth.net
>>>
>>
>>
>> --
>> To unsubscribe from this list send an email to
>> users-unsubscribe at shibboleth.net
>>
>
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>



-- 
Best,
Zico
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20170227/dad4bc5d/attachment.html>

More information about the users mailing list