Can a Shibboleth service provider present itself as a SAML identity provider for federation?
Graham Leggett
minfrin at sharp.fm
Wed Apr 24 10:56:01 EDT 2019
On 24 Apr 2019, at 16:44, Peter Schober <peter.schober at univie.ac.at> wrote:
> That's fine and from what I heard pac4j-saml seemed quite capable.
> That it doesn't support more than one IDP sucks (though that isn't all
> that uncommon) and that's why you should replace it, if that's doable.
> Doing that (instead of adding a proxy) should provide better security
> and more protocol fidelity.
We definitely in a position to replace it - the question is what to replace it with.
Can Shibboleth pass metadata to an application behind Shibboleth using something like JWT?
Regards,
Graham
—
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3260 bytes
Desc: not available
URL: <http://shibboleth.net/pipermail/users/attachments/20190424/390c7a6e/attachment.p7s>
More information about the users
mailing list