Integration of facebook/Google with Shibboleth
abdul waheed
abdulwaheed18 at gmail.com
Mon Feb 27 05:17:45 EST 2017
Thanks Zico but I already have my setup of Shibboleth Sp and Shibboleth Idp
up and running.
I am just looking for social login module which is open source and can
easily integrate with my existing setup.
On the other hand, Gluu itself is a separate server and I cannot add only
social login into my application.
Thanks,
Abdul.
On Mon, Feb 27, 2017 at 3:24 PM, Zico <mailzico at gmail.com> wrote:
> Abdul,
>
> You might check Gluu products. It has free community edition available
> which you can try, including Shib v2 and v3, OpenID Connect, CAS, 2FA etc.
> As well, social authentications are being achieved there as well. Here is
> the link: https://www.gluu.org/ and docs: https://gluu.org/docs/
>
> On Mon, Feb 27, 2017 at 3:42 AM, abdul waheed <abdulwaheed18 at gmail.com>
> wrote:
>
>> Thanks Liam for the Response.
>>
>> I am more into either Open source products or some ideas so that we can
>> implement myself. I checked Cognito and SimpleSAMLphp but I cannot go with
>> paid products and cannot rely on SimpleSAMLphp as it was last updated some
>> 4 years back.
>>
>> Can we do something similar into our Shibboleth Idp by having custom
>> Servlet like facebook servlet which will Sp request to FB request and after
>> authorization sends it back the SAML response to Idp?
>>
>> Plese, let me know if there is something else I can think of.
>>
>> Regards,
>> Abdul Waheed.
>>
>>
>>
>> On Tue, Feb 21, 2017 at 8:42 PM, Liam Hoekenga <liamr at umich.edu> wrote:
>>
>>> If you control the application, and can implement support for additional
>>> protocols, you could modify the application to support SAML and OAUTH/ OIDC
>>> / Facebook. I've been kind of curious about AWS's "Cognito" service -
>>> https://aws.amazon.com/cognito/
>>>
>>> If you want to do it all via SAML, you'll need to set up a proxy server
>>> that can translate OAUTH2/OIDC and Facebook Connect into SAML.
>>>
>>> You can do it yourself (SimpleSAMLphp is a popular base for this kind of
>>> thing), or you can buy a solution. CirrusIdentity offers a "social to
>>> SAML" gateway service - http://www.cirrusidentity.com/
>>>
>>> Liam
>>>
>>>
>>>
>>>
>>> On Tue, Feb 21, 2017 at 4:47 AM, abdul waheed <abdulwaheed18 at gmail.com>
>>> wrote:
>>>
>>>> Hi All,
>>>>
>>>> I have a setup where my application is protected by Shibboleth and am
>>>> using Discovery Service to support multiple Idp like Shibboleth IDP and
>>>> ADFS and everything are working absolutely fine.
>>>>
>>>> Now, I want to integrate my application with a social login so that
>>>> users can login from facebook/Google. I have checked G suite which supports
>>>> SAML but seems like it only supports custom domain and a user cannot use
>>>> its private Gmail account and similarly facebook implementation is not
>>>> straightforward.
>>>>
>>>> I thought of adding one gateway which will come between SP and social
>>>> login like facebook convert SAML authn request to Non-SAML request and
>>>> after authentication, the same gateway will convert back into SAML response
>>>> so that Shibboleth session get created after facebook login and SSO will
>>>> work seamlessly.
>>>>
>>>> Can someone give some pointer where a user can login via
>>>> facebook/Google and it should also support SSO?
>>>>
>>>>
>>>> Thanks,
>>>> Abdul.
>>>>
>>>>
>>>>
>>>> --
>>>> To unsubscribe from this list send an email to
>>>> users-unsubscribe at shibboleth.net
>>>>
>>>
>>>
>>> --
>>> To unsubscribe from this list send an email to
>>> users-unsubscribe at shibboleth.net
>>>
>>
>>
>> --
>> To unsubscribe from this list send an email to
>> users-unsubscribe at shibboleth.net
>>
>
>
>
> --
> Best,
> Zico
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20170227/5d902205/attachment.html>
More information about the users
mailing list