Solved

Apache web application(s) as Service Provider - ADFS 2.0 as IDP

Posted on 2014-10-16
4
131 Views
Last Modified: 2016-06-19
Hi,

I have encountered an Enterprise environment with redundant ADFS 2.0 federation servers and Federation proxies. There is an two way trust to an supplier network (the trust will get decommissioned). In the supplier network there is an basic configuration of adfs 3.0 with the regarding WAP servers. Supplier network runs several type of applications. Oracle based apps, Linux based apps running running on Apache 2.x (LAMP) and Microsoft apps.

The question is now mainly focused on the LAMP applications

I have Googled a bit and found the following results:
Spring SAML could be used to make a LAMP application act as Service Provider (SAML 2.x). This is configured within the application.
Shibboleth is used to make Apache act as an service provider

What are the best practices to make Linux Apache applications Service Provider? Communicating with ADFS 2.0
Is there any by Microsoft recommended 3rd party software to use

Note: Security is a huge issue that need to be taken into consideration.

Thank you in advance for your time and effort.

Best regards,
Reza
0
Comment
Question by:RSayadi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 1

Author Comment

by:RSayadi
ID: 40398745
scanario-01.jpg
0
 
LVL 62

Expert Comment

by:gheist
ID: 40409381
In primitive means apache can support SSO via samba's winbindd.
0
 
LVL 1

Accepted Solution

by:
RSayadi earned 0 total points
ID: 40491524
Solution is to use a simpleSAMLphp or shibboleth kind of product for LAMP applications and add it to ADFS 3, where ADFS 3 can be a SP for ADFS 2 in this scenario. The Oracle OBIEE 9+ (weblogic has built in SAML authentication support and can act as an SP and/or IDP.

This question can be closed
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question