Multiple IDP but single login challenge
Losen, Stephen C (scl)
scl at virginia.edu
Fri May 10 06:32:11 EDT 2019
It sounds like what you really need is a single IDP and a single user database. You probably need to maintain some new attributes in the user database, such as group membership, or entitlements, etc., to control which users have access to each SP.
ITS - Enterprise Infrastructure
University of Virginia
scl at virginia.edu 434-924-0640
From: users <users-bounces at shibboleth.net> On Behalf Of pallavi.tambe
Sent: Friday, May 10, 2019 6:09 AM
To: users at shibboleth.net
Subject: Re: Multiple IDP but single login challenge
Thank you for taking the time to answer my questions.
Basically we have 2 different applications which have their individual IDPs.
Say we have *App1* with IDP1 and *App2 *with IDP2. And now we want to integrate these 2 applications, that is why we have kept similar users in their databases. (Just the usernames are same).
So now usecase is we launch the login screen for App1 it redirects to IDP1, user logs in . Now we want to redirect to App2 to get some data, but now we don't want to throw the login challenge this time.
SP configured for App2 should approve the assertions from IDP1.
Sent from: http://shibboleth.1660669.n2.nabble.com/Shibboleth-Users-f1660767.html
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users