Re: used shibboleth
Re: used shibboleth
- Subject: Re: used shibboleth
- From: TW <email@hidden>
- Date: Wed, 11 Mar 2009 20:26:09 -0700
On Mar 11, 2009, at 7:37 PM, Chuck Hill wrote:
On Mar 11, 2009, at 6:31 PM, TW wrote:
All:
Our campus is going to be moving to shibboleth as the preferred sso
authentication system for web apps. Has anyone here had any
experience with deploying web objects apps behind this
authentication mechanism? My understanding is that shibboleth
really operates more at the apache/web server layer. Because of
that I'm wondering what if anything really needs to be done at the
app layer.
Any insights, opinions, experiences, etc., would be gladly accepted
and appreciated.
Tim
Programmer/Analyst III, UCLA GSE&IS
Do you need to know who the user is, or just that they are
authenticated?
Chuck
My apps will definitely need to know who the user is. Apparently, with
shibboleth you can designate somehow that certain data gets sent back
to the requesting server - I think in the http headers. So, I'm
assuming that there's some intention to return something that will
identify the user since other systems on campus are already using it.
And I think I've read that campus wants to standardize what the
returned items are.
If it works as described, is sounds like it has the potential to make
authentication to my apps easier if we choose to use this instead of
our LDAP auth. Have you looked at or used shibboleth Chuck?
Tim Worman
Programmer/Analyst III, UCLA GSE&IS
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden