Can a Shibboleth service provider present itself as a SAML identity provider for federation?
minfrin at sharp.fm
Wed Apr 24 07:31:58 EDT 2019
I am currently struggling with a conceptual problem on how a federated Shibboleth integrates with an application that expects a SAML2 IDP.
My application embeds pac4j-saml, and integrates with a single IDP, and this works great.
I want to support multiple IDPs in a federation, and am struggling on how to configure this using Shibboleth.
The pac4j-saml applications expects to be given a metadata containing an IDPSSODescriptor tag. Shibboleth service provider metadata is presenting a SPSSODescriptor tag, and the two don’t chat.
Conceptually, what am I doing wrong?
Can Shibboleth present itself as a federated SAML2 IDP? The documentation seems to suggest it can, but then stops short of telling me how.
Can anyone fill me in?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3260 bytes
Desc: not available
More information about the users