Shibboleth Component

Posted on 2014-08-30
Last Modified: 2014-09-02
What function does the Shibboleth downloadable "SP Component" perform.  

Can it be called by the web service to validate the incoming token?

Question by:Anthony Lucia
    1 Comment
    LVL 60

    Accepted Solution

    Shibboleth wiki has wealth of info and specific to SP, its details as below and is installed in web server to provide as gateway to protected resource that required user to be authenticated via the agreed IdP. No diff from the SP understanding ...

    It can be called by webservices or sometimes (and I see it) as web application
    The SP software calls a grouping of resources that are meant to be accessed as a unit an "application". This term is used in a precise way and doesn't necessarily refer to something you would actually draw a line around as a "web application", although certainly it can and often does. An application defined to the SP software has a number of important qualities..

    Any two resources protected by the same physical SP software (or a cluster) can be aggregated into an application. They don't have to live in the same directory or even the same virtual host. Of course, it's common for that to be the case, and generally a good idea, for obvious reasons. But it's not a technical limitation.

    The meat of the software configuration is divided across two sections of the shibboleth2.xml file: the <RequestMapper> and the <ApplicationDefaults> elements. In the case of Apache, the former is generally omitted in favor of Apache-specific commands.

    How it All Fits Together (see the SP if you are intereted in its doing in quick brief sum up)
    1. User Accesses Protected Resource
    2. SP Determines IdP and Issues Authentication Request
    3. User Authenticates to the IdP
    4. IdP Issues Response to SP
    5. Back to the SP
    6. Back to the Protected Resource

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Live - One-on-One Java Help from Top Experts

    Solve your toughest problems, fast.
    Java experts are online now and ready to help you.

    Suggested Solutions

    Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
    If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
    Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…
    Viewers will learn about the regular for loop in Java and how to use it. Definition: Break the for loop down into 3 parts: Syntax when using for loops: Example using a for loop:

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    7 Experts available now in Live!

    Get 1:1 Help Now