[External] Re: Can a Shibboleth service provider present itself as a SAML identity provider for federation?

Guillaume Rousse guillaume.rousse at renater.fr
Wed Apr 24 10:52:53 EDT 2019

Le 24/04/2019 à 16:48, Graham Leggett a écrit :
> Protecting an Apache httpd based resource is straightforward and easy to 
> understand, however the java application behind needs full access to all 
> the SSO metadata in order to know what groups and attributes the end 
> user has. It’s not as simple as passing the REMOTE_USER.
I guess you'll find what you need here:

BTW, there isn't any 'group' notion in SAML protocol AFAIK, only attributes.

Guillaume Rousse
Pôle SSI

Tel: +33 1 53 94 20 45

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3637 bytes
Desc: Signature cryptographique S/MIME
URL: <http://shibboleth.net/pipermail/users/attachments/20190424/2e7d16be/attachment.p7s>

More information about the users mailing list