[External] Re: Can a Shibboleth service provider present itself as a SAML identity provider for federation?

Graham Leggett minfrin at sharp.fm
Wed Apr 24 11:00:04 EDT 2019

On 24 Apr 2019, at 16:55, Peter Schober <peter.schober at univie.ac.at> wrote:

> Both the documenteion for the SP (tooling examples -> Java) as well as
> my previous post already pointed you to the "interface" you'd use, and
> yes, it's exactly as simple as passing REMOTE_USER:

Sorry, I've missed it. As already pointed out, we’re using a turnkey application, we’re not developing the application from scratch.

> On the Jave side you'd use getRemoteUser() to get REMOTE_USER and
> request.getAttribute() to get the attributes you're interested in.
> (I.e., SAML Attributes become Request Attributes here, thanks to the
> Shibboleth SP and AJP from httpd to the Java servlet container.)

So AJP is the preferred method to pass information from Shibboleth to Java?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3260 bytes
Desc: not available
URL: <http://shibboleth.net/pipermail/users/attachments/20190424/35e5c421/attachment.p7s>

More information about the users mailing list