SAML2 SSO with WebObjects

Discussion:

Timo Hoepfner

2018-10-30 08:38:27 UTC

Hi List,

I need to add SAML2 SSO to a WO application. Does anyone have some tips how to accomplish this?

Timo
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (Webobjects-***@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/uoh8%40ml-in.narkive.net

This email sent to ***@ml-in.narkive.net

Asa Steady Hardcastle

2018-10-30 11:57:06 UTC

Permalink

Hi Timo,

I assume you are interested in making your application an SP. The simplest way would likely be something like Auth0 - although, I've never used it.

or, Shibboleth SP:
https://www.shibboleth.net/products/service-provider/

Lastly, you've probably seen this, but there are a lot of starting points here:
https://nzpcmad.blogspot.com/2013/06/saml-saml-connectivity-toolkit.html

Good luck, and let us know how you do it!

Asa

Post by Timo Hoepfner
Hi List,
I need to add SAML2 SSO to a WO application. Does anyone have some tips how to accomplish this?
Timo
_______________________________________________
Do not post admin requests to the list. They will be ignored.
https://lists.apple.com/mailman/options/webobjects-dev/a.talk%40zenn.net

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (Webobjects-***@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/uoh8%40ml-in.narkive.net

This email sent to ***@ml-in.narkive.net

Paul Yu

2018-10-30 13:09:52 UTC

Permalink

Timo

***@sitequesttech.com. Wrote a SAML framework for WO.

Paul

Sent from my iPhone
Please excuse iOS autocomplete

Post by Asa Steady Hardcastle
Hi Timo,
I assume you are interested in making your application an SP. The simplest way would likely be something like Auth0 - although, I've never used it.
https://www.shibboleth.net/products/service-provider/
https://nzpcmad.blogspot.com/2013/06/saml-saml-connectivity-toolkit.html
Good luck, and let us know how you do it!
Asa

_______________________________________________
Do not post admin requests to the list. They will be ignored.
https://lists.apple.com/mailman/options/webobjects-dev/pyu%40mac.com

Timo Hoepfner

2018-10-31 06:48:14 UTC

Permalink

Hi,

Jon was so kind to contact me off-list and provide some code from his integration (Thanks again!).
I’ll let you know how it goes…

Thanks for your help!

Timo

Post by Paul Yu
Timo
Paul
Sent from my iPhone
Please excuse iOS autocomplete

_______________________________________________
Do not post admin requests to the list. They will be ignored.
https://lists.apple.com/mailman/options/webobjects-dev/pyu%40mac.com

Tim Worman

2018-10-30 19:12:51 UTC

Permalink

I have an app that uses shibboleth. The most difficult part is understanding and configuring shibboleth - which will be largely based on the configuration of the IdP. Basically you install shib, configure its scope. In our case, I’m protecting a single “subdirectory" of the web server running on our app server.

Following that, the default DA 1st attempts a shibb login and scrapes the headers for whatever data you've requested from the IdP then handles the various conditions that could go wrong.

Tim
UCLA GSE&IS

_______________________________________________
Do not post admin requests to the list. They will be ignored.
https://lists.apple.com/mailman/options/webobjects-dev/lists%40thetimmy.com