Solved

Apache web application(s) as Service Provider - ADFS 2.0 as IDP

Posted on 2014-10-16
4
81 Views
Last Modified: 2016-06-19
Hi,

I have encountered an Enterprise environment with redundant ADFS 2.0 federation servers and Federation proxies. There is an two way trust to an supplier network (the trust will get decommissioned). In the supplier network there is an basic configuration of adfs 3.0 with the regarding WAP servers. Supplier network runs several type of applications. Oracle based apps, Linux based apps running running on Apache 2.x (LAMP) and Microsoft apps.

The question is now mainly focused on the LAMP applications

I have Googled a bit and found the following results:
Spring SAML could be used to make a LAMP application act as Service Provider (SAML 2.x). This is configured within the application.
Shibboleth is used to make Apache act as an service provider

What are the best practices to make Linux Apache applications Service Provider? Communicating with ADFS 2.0
Is there any by Microsoft recommended 3rd party software to use

Note: Security is a huge issue that need to be taken into consideration.

Thank you in advance for your time and effort.

Best regards,
Reza
0
Comment
Question by:RSayadi
  • 2
4 Comments
 
LVL 1

Author Comment

by:RSayadi
ID: 40398745
scanario-01.jpg
0
 
LVL 61

Expert Comment

by:gheist
ID: 40409381
In primitive means apache can support SSO via samba's winbindd.
0
 
LVL 1

Accepted Solution

by:
RSayadi earned 0 total points
ID: 40491524
Solution is to use a simpleSAMLphp or shibboleth kind of product for LAMP applications and add it to ADFS 3, where ADFS 3 can be a SP for ADFS 2 in this scenario. The Oracle OBIEE 9+ (weblogic has built in SAML authentication support and can act as an SP and/or IDP.

This question can be closed
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
XMind Plus helps organize all details/aspects of any project from large to small in an orderly and concise manner. If you are working on a complex project, use this micro tutorial to show you how to make a basic flow chart. The software is free when…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now