Monday, May 6, 2013

User Shibboleth for federated SSO


What is Shibboleth?

http://shibboleth.net/about/


How does it works & what is the federated SSO?

http://shibboleth.net/about/basic.htmlhttp://shibboleth.net/about/intermediate.htmlhttp://shibboleth.net/about/advanced.html


Install Shibboleth and set up a SP

After we get the idea of Shibboleth and Federated SSO, we can start to set the components (In this post, we are not going to set up IDP components, and assume it is already there).
Install a Shibboleth SP (Service Provider)

http://wiki.aaf.edu.au/tech-info/sp-install-guide

And more config info can be found at:
https://wiki.shibboleth.net/confluence/display/SHIB2/FlowsAndConfig



Make the Shibboleth protected resources be retrievable to Java/Grails applications.

The Shibboleth SP is presently only implemented in C++ as a module for Apache httpd, IIS, and NSAPI. So the Java (Or grails) application can not read the SP protected Resources (normally is the authenticated User Info, with Shibboleth is attributes).

However, it's quite easy to use the Shibboleth SP to provide authentication information for Java servlets in a wide variety of servlet containers. 

The info to set up the connection between apache and java servlet containers, like tomcat, and make all SP attributes (authenticated user info) be visible/retrievable by the applications deployed in the containers can be found from the following link.
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPJavaInstall

This tutorial also provides a demo application which can read SP attributes directly by using request.getArrtibute(attributeName). 

For Grails developers, you can install federatedGrails plugin and run command to generate the sample code for Authentication business logic and read it as a reference.
    

More details about Shibboleth can be found on its project wiki.
For these developers who want to set up IDP server using Shibboleth, technical info can be found on https://wiki.shibboleth.net/confluence/display/IDP30/Home.

I hope this post will be useful to all developers, like me, who are working on federation sso and want to know more knowledge in this topic.


********** Step by Step Example ************

There is a full example shows how to install Shibboleth and make the protected resources readable to Applications deployed on Tomcat. https://github.com/IntersectAustralia/aodn-portal/wiki/Deployment-Guide#14-install-aaf-shibboleth-vm4




12 comments:

  1. Thanks for sharing informative article on java application development. Your post helped to understand the career in Java. JAVA Training in Chennai

    ReplyDelete
  2. Information about JAVA have spread all over the world wide web, but this information is quite unique and attractive. Thanks for sharing it in here. Keep blogging

    JAVA J2EE Training Institutes in Chennai
    JAVA Training

    ReplyDelete
  3. Thanks for sharing those useful basic programming stuff’s of Python, it helps me to explore my knowledge in programming...if you want to switch your career in developing area you should know the basic of programming’s for that you have to read python because it was the first programming language for more details contact the link.
    Regards,
    Python Training in Chennai|Python Training

    ReplyDelete
  4. Thanks for sharing this pretty post to our knowledge, SAS is a program that assists to retrieve, managing and uploading the data & simply it’s an integration system of software for performing these actions, thanks for taking your time to discuss about this topic.
    Regards,
    sas training in Chennai|sas course in Chennai|sas training institute in Chennai

    ReplyDelete
  5. Whatever we gathered information from the blogs, we should implement that in practically then only we can understand that exact thing clearly, but it’s no need to do it, because you have explained the concepts very well. It was crystal clear, keep sharing dude.
    Regards,
    Best Informatica Training In Chennai|Informatica training center in Chennai|Informatica training in chennai

    ReplyDelete
  6. It’s really a good post; actually I just begin to learn above stuffs to get my career enhancement. Thanks for sharing the useful post I would to see your upcoming blogs here.
    Regards,
    SAS Training in Chennai|SAS Course in Chennai

    ReplyDelete
  7. it is my pleasure to came your4 blog you have explained very well thanks for sharing this effective blog.

    sas training in chennai

    ReplyDelete
  8. The strategy you have posted on this technology helped me to get into the next level and had lot of information in it. The Struts, Spring, Hibernate are the advanced level of programming language which are most widely used.
    struts training in chennai | struts training

    ReplyDelete
  9. Well Said, you have furnished the right information that will be useful to anyone at all time. Thanks for sharing your Ideas.
    PHP Training in Chennai | PHP Course in Chennai

    ReplyDelete
  10. The strategy you posted was nice. The people who want to shift their career to the IT sector then it is the right option to go with the ethical hacking course.
    Ethical hacking course in Chennai | Ethical hacking training in chennai

    ReplyDelete
  11. Thanks for sharing those useful basic programming stuff’s of Python, it helps me to explore my knowledge in programming.
    Web Designing training in noida | SAS Summer Training in Noida | Java Training in Noida

    ReplyDelete