[External] Re: Can a Shibboleth service provider present itself as a SAML identity provider for federation?

Domingues, Michael D michael-domingues at uiowa.edu
Wed Apr 24 10:21:52 EDT 2019 

Hi Greg,

The confusion here is that "Shibboleth" doesn't refer to a single piece of software, it's an overarching brand for a few distinct software packages (the Shibboleth SP, the Shibboleth IDP, and the Shibboleth Metadata Aggregator).

They're not a common codebase, and typically, you're only running either the Service Provider (if you're trying to protect an application) or the Identity Provider (if you're a company or institution trying to run a login server).

Authoritative documentation for the IDP can be found here: https://wiki.shibboleth.net/confluence/display/IDP30

Authoritative documentation for the SP can be found here: https://wiki.shibboleth.net/confluence/display/SP3

Based on what you've described, it sounds like you're interested in the Shibboleth SP. Using metadata (either statically loaded, or consumed dynamically if its signed by a trusted key), you can support logins from any number of IDPs. An overview of the SP's configuration can be found here: https://wiki.shibboleth.net/confluence/display/SP3/Configuration

Best,
Michael
________________________________
From: users <users-bounces at shibboleth.net> on behalf of Graham Leggett <minfrin at sharp.fm>
Sent: Wednesday, April 24, 2019 9:08 AM
To: Shib Users
Subject: [External] Re: Can a Shibboleth service provider present itself as a SAML identity provider for federation?

On 24 Apr 2019, at 15:17, Cantor, Scott <cantor.2 at osu.edu> wrote:

>> Can Shibboleth present itself as a federated SAML2 IDP? The documentation seems to suggest it can, but then stops
>> short of telling me how.
>
> Where is there any SP documentation that implies that it acts as an IdP?

https://www.shibboleth.net/index/basic/ - most specifically "Federated Single Sign-on”.

Regards,
Graham
—

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20190424/af97104d/attachment.html>

More information about the users mailing list