Pass authentication to another application

Rob Brooks rbrooks at biz-tech-solutions.com
Mon Sep 17 18:33:35 EDT 2018 

Thanks for the help Nate.  I believe I'll be go with the last method you
mentioned.

On Mon, Sep 17, 2018, 3:13 PM Nate Klingenstein <ndk at sudonym.me> wrote:

> Rob,
>
> It sounds like you want to basically act as an authentication proxy for
> the other application.  You'll certainly need to know what protocols they
> support.
>
> A conventional approach would be to run a Shibboleth IdP protected by your
> Shibboleth SP that re-asserts the authentication information you received
> from the Ping Federate IdP to the application using SAML 2.0 as the
> protocol.
>
> The actual link in your application could directly trigger an
> "unsolicited" assertion of information and a destination landing page after
> the SAML transaction has completed.
>
>
> https://wiki.shibboleth.net/confluence/display/IDP30/UnsolicitedSSOConfiguration
>
> Or, you could link directly to their service and have it issue an
> authentication request to your Shibboleth IdP, which would issue an
> assertion in response.  That is generally preferable.
>
> Take care,
> Nate.
>
>
> On Mon, Sep 17, 2018 at 2:51 PM, Rob Brooks <
> rbrooks at biz-tech-solutions.com> wrote:
>
>> Hello, I use shibboleth SP to authenticate against a PING Federated IdP
>> (not in my control) for my web application.  I want to provide a link in my
>> application that then passes this authentication on to another
>> application.  Can you help me to understand this process flow?  The 3rd
>> party application that needs authentication has its own SSO SP (not sure of
>> product) and I have the ear of their developers and can suggest workflow.
>> The Ping Federated server would be harder to implement change with.
>>
>> Thanks,
>> Rob Brooks
>>
>>
>>
>> --
>> For Consortium Member technical support, see
>> https://wiki.shibboleth.net/confluence/x/coFAAg
>> To unsubscribe from this list send an email to
>> users-unsubscribe at shibboleth.net
>>
>
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180917/315704f7/attachment.html>

More information about the users mailing list