558 questions
1
vote
0
answers
22
views
Synchronizing a local file with a remote web host
I have a pdf that I want to fetch whenever my computer is connected to the internet such that any time there is a new version uploaded, I replace the local copy on my device. How can I accomplish this ...
- 11
0
votes
0
answers
17
views
Shibboleth SP deleting Load balancer set Cookie
We have a Load balancer for the application and Shibboleth SP,Azure ADP for authentication.
We use Load balancer cookie persistence for session persistence with timeout set for 10 hrs.
1.Initially ...
0
votes
1
answer
126
views
IDP v5.1.3 [http://localhost:8080/idp/profile/SAML2/POST/SSO] Bad Request
We are trying to upgrade IDP version from v3.4.4 to v5.1.3 and our application is a standalone application. In our application, we had customized the IDP with our external login authentication.
During ...
0
votes
0
answers
122
views
Shibboleth Integration with Entra ID
I am trying to integrate Microsoft Entra ID for MFA with a Web App, and so far have completed the cycle of MFA and got the session authenticated. However, post authentication when the redirection ...
- 1
1
vote
0
answers
113
views
Shibboleth IdP Upgrade from idp3 to idp 4
I'm currently working on upgrading our Shibboleth IdP from version 3 to version 4. After modifying the configuration files in IdP, we are encountering an issue with the SAML response. The error ...
0
votes
0
answers
75
views
Microsoft Entra ID as MFA in Shibboleth
Can we use Microsoft Entra ID as MFA in Shibboleth? Are there any extra steps involved apart from configuring the standard IDP configuration?
- 75
0
votes
0
answers
23
views
shibboleth muti SPs need same attributes
i have to Sps(aws,aliyun) ,which needs same attributes named "name" and "role".
i configured the attribute-resolver.xml ,giv them two names "role-aws" and "role-...
- 1
0
votes
2
answers
177
views
Manual authentication between a Spring Boot REST service and Shibboleth
I have a backend of stateless REST services written in Java Spring Boot.
1- One of the services is "/Login". It receives a username and a password from my own web form (not the form ...
- 2,197
1
vote
1
answer
146
views
shibboleth 5 with slapd integration login
I have spent 2+ weeks trying to get a Shibboleth 5 IdP stood up for our dev environment.
The players:
Shibboleth 5 IdP configured to run inside Jetty 11 servlet (no apache)
openldap (on same server)
...
0
votes
0
answers
29
views
Decrypt Environment Variables using Apache2
I'd like to store private encrypted information into an environment variable and then decrypt it in apache2 config file, but i haven't found any example to look for an i have no idea on how to ...
- 1
0
votes
0
answers
69
views
Shibboleth SP configuration with AWS Cognito
our system relies primarily on Cognito for user management, we want to integrate Cognito with third party identity provider which is basically Shibboleth Idp, Cognito requires a metadata file from the ...
0
votes
0
answers
121
views
Reasons samesite=none not sent
I have a service that relies on a samesite=none cookie. I have seen that this cookie is not sent for about 1% of users in a cross domain context. This is the exact case my site needs samesite=none, ...
0
votes
1
answer
177
views
Shibboleth login
I have an application created in Angular in which I have to implement authentication via shibboleth and adfs, that is, once I go to the /login path I will be directed to the adfs page where it will be ...
- 11
0
votes
1
answer
117
views
shibboleth-identityprovider still using javax
We are using Shibboleth identity provider for SSO solution since long time. Now we are planning to migrate our spring application to latest version. Latest versions of Springboot using Tomcat10( ...
0
votes
0
answers
128
views
Integrating SAML2 Shibboleth with a Blazor Server application
I need to integrate SAML2 Shibboleth with my Blazor Server application, which is currently logged in with the default ASP.NET Identity.
The application is hosted on a server where, when the url "/...
- 61
2
votes
1
answer
249
views
How to submit a shibboleth-protected WEB page from code using a POST call
High-level summary
My goal is to do a POST call from my code to submit a request through a web server that requires Shibboleth authentication.
At the moment I am fine to just collect the BASE64 SAML ...
- 161
0
votes
1
answer
166
views
How to integrate shibboleth idp to an existing Spring application?
I have an exisiting Spring web application with user authentication logic implemented.
Is there a way to integrate the Shibboleth IDP to my application so I can resue the exisitng authentication logic ...
1
vote
0
answers
186
views
Passing custom claims to SP with Shibboleth Samltest.id
I am currently working on SAML-based SSO (Single Sign On) and using IDP (Identity Provider) provided by samltest.id (they are using Shibboleth) to test my NodeJS SP (Service Provider).
Samltest.id has ...
- 49
0
votes
1
answer
1k
views
Shibboleth 4 Jetty Invalid SNI Issue
I setup a local shibboleth IdP 4.3 instance and had to use fully qualified names for the server post setup. When trying to use the fully qualified name for the entityID / URL, I am getting the below ...
- 147
0
votes
1
answer
338
views
Shibboleth Transcoding Rules not picking up data / passthrough attributes from azureAD integration
I followed the documentation to integrate Shibboleth 4.3 to use AzureAD as its proxy / IdP and everything redirects / responds as it should, but in the attribute resolver / claims rules, it is not ...
- 147
0
votes
1
answer
1k
views
Shibboleth Proxy to Azure AD Validation Error on redirect with error XML element 'RequesterID' in XML namespace 'urn:oasis:names:tc:SAML:2.0:protocol'
I configured my local shibboleth IdP to proxy authentication to Azure AD but on redirect and getting an Azure error:
AADSTS7500522: XML element 'RequesterID' in XML namespace 'urn:oasis:names:tc:SAML:...
- 147
0
votes
1
answer
297
views
Shibboleth variables not coming over with Coldfusion 2021 & IIS
I am trying to use Shibboleth 3 as the sp and azure AD as the ipd and I can see that I have successfully implemented based on the Shibboleth transaction log.
2022-12-16 12:35:54|Shibboleth-...
- 354
1
vote
1
answer
585
views
Error when connecting to a SAML 2.0 IdP that uses shibboleth
I am using the ITfoxtec Identity SAML 2.0 library with .Net 7 project to connect to a SAML 2.0 IdP.
I tested it first using Okta SAML and it worked great!
However, when I try another SAML 2.0 IdP that ...
- 7,062
0
votes
0
answers
38
views
Spring Boot/Security: Encoding header iso-8859-1 to utf8, nothing is working [duplicate]
Letters in my header such as á are shown as á.
Apparently the Header comes in iso-8859-1 and my application fails to encode it to utf8.
I am extremely puzzled that none of my approaches work.
What I ...
- 11
0
votes
1
answer
156
views
Shibboleth SP - Only Use GET Method between my SP and the IDP
I want to know if there is a way to only use GET type requests in the exchanges with the IDP. I don't want to use a POST method to exchange with the IDP. Is there a parameter that allows this ?
0
votes
0
answers
120
views
Crystal Reports Not Working in Web Application: COMException (0x8007007F)
I am currently working on upgrading an ASP.NET web application to use Crystal Reports SP31. When running the web application on our web server, I get the following error:
System.Runtime....
- 1
0
votes
1
answer
195
views
Shibboleth IdP - allow users to choose password or SAML login flow
I have implemented a shibboleth idp (myidp.example.com) on my own server with password flow. They authenticate with their username and password against database MySQL.
At this point, everything is ...
- 1,128
1
vote
0
answers
90
views
Shibbeloth Session Time-Out need to Redirect to error template
I am using Shibbeloth with IIS configuration and configured the session Time-Out with some value.
Our expectation is when the Shibbeloth configured Time-Out is expired it's need to Redirect to error ...
0
votes
0
answers
204
views
Shibboleth retrieves a "non-existent" attribute from Active Directory(urn:oid:2.16.840.1.113730.3.1.3)
I have a SP using Shibboleth as IDP for SSO, and Shibboleth uses Active Directory as User store.
In SP configuration, it maps an attribute "urn:oid:2.16.840.1.113730.3.1.3" to a local ...
0
votes
1
answer
875
views
saml2 idp authentication forwarding
I have an app that authenticate against an idP using SAML2.
The app support only one idP.
The app is multi-tenant, and I need to forward each tenant user to their own idP.
So I need my local idP (...
- 183
0
votes
1
answer
758
views
Request.ServerVariables() for Shibboleth in .NET 6
I am trying to use Shibboleth on a site that uses .NET 6. The Shibboleth documentation uses Request.ServerVariables() but when I add that, I get the error "HttpRequest does not contain a ...
- 75
0
votes
1
answer
764
views
Possible to do Shibboleth authentication on local dev environment?
I have a Java/Spring application that is running on a Tomcat server. The application uses Shibboleth/SAML for getting user access and it works fine.
However I would like to run/debug the application ...
- 1,172
1
vote
0
answers
223
views
Shibboleth Path exclusion
We have a web site that is using shibboleth. I need to exclude a portion from being protected.
So far the only way I can get this to work is by excluding an entire top level directory.
If I exclude ...
- 11
0
votes
1
answer
354
views
Shibboleth IDP with ADB2C integration
We have a requirement to configure Shibolleth as a SAML IDP to ADB2C Service Provider. Does anyone have any links or working examples? I found a reference on configuring SAML IDP in ADB2C custom ...
0
votes
1
answer
589
views
Send login_hint parameter from Shibboleth (Service provider) to Azure AD (Identity Provider)
We installed Shibboleth SP3 on our IIS instance, it works pretty well to have a SSO authentication.
However, we want to pass a « login_hint » parameter to Azure (our IdP) to ease people with multiple ...
2
votes
1
answer
1k
views
How to setup shibboleth for saml azure ad
Hey I have given a task to setup shibboleth to authenticate my web application ( .net core application (SP) ) using saml 2.0 with azure ad. My web application will act as SP and will manipulate the ...
- 117
0
votes
1
answer
42
views
Using OWASP ZAP with Shibboleth?
I have scanned the OWASP documentation and the login methods that are details in said documentation don't appear to be related to applications that are using Shibboleth.
For those that have worked ...
- 34
0
votes
0
answers
72
views
How to implement two tyoe of authentication in apache
I have already implemented with shibboleth on apache an adfs authentication with SAML2.
Now i need to add a second authentication type with OAUTH2.
How to achieve this solution for use both ...
- 31
0
votes
1
answer
493
views
Cannot get Shibboleth assertion attributes to my Spring Boot application
I have a spring boot application running on Apache Tomcat/7.0.76. And I have Shibboleth SP running on Apache server.
I am not able to get assertion attributes to my application.
The user is getting ...
- 91
1
vote
2
answers
950
views
How to integrate SSO with a university? [closed]
I have a django website and I'd like to allow students from a few universities to login to it using their university credentials.
I understand that I need to register with each of these universities ...
- 475
0
votes
1
answer
591
views
Shibboleth IDP 4 login failed:
i need your help. I'm trying to connect to moodle with the Shibboleth Login but it doesn't work. I checked the file idp-process.log and i am getting this error and don't know what its meaning?
< ...
- 3
0
votes
0
answers
334
views
How to access request headers of shibboleth login in angular?
I am developing an application in Angular in which I have to provide SSO mechanism using Shibboleth. The scenario is, when the user enters a specific URL (protected by shibboleth) it gets redirected ...
- 1
0
votes
0
answers
575
views
CORS error while accessing the backend kubernetes application from shibboleth kubernetes pods in same cluster
I have an application(1) running on Jetty which is deployed in Kubernetes. On top of the application, we are using another deployment to enable SSO configuration using apache2/shibboleth SAML2 using ...
1
vote
0
answers
206
views
vendor.js:1 WebSocket connection to 'wss://xxxxx.com/abc/def failed: Error during WebSocket handshake: Unexpected response code: 302
I am facing above error in apache 2.4.6
My connection configuration is below.
<Location /abc>
AuthType shibboleth
ShibRequestSetting requireSession 1
ShibRequestSetting applicationId ...
- 107
1
vote
0
answers
1k
views
how i can solve "java.nio.file.AccessDeniedException" error?
I am trying to install shibboleth IDP in ubuntu
I got this error while trying to apply a script
do you have any idea how can I solve this problem?
note that i install OpenJDK version "11.0.11&...
- 11
2
votes
2
answers
2k
views
Shibboleth adding _opensaml cookies leading to HTTP Header size>8k
I have an application that uses Shibboleth for authentication. After going live we started to see customers getting 500 errors in their browsers. Upon investigation, we found that our security ...
- 191
0
votes
1
answer
1k
views
How does a Shibboleth SP configure IdP metadata files without any downtime in the Shibboleth service?
I am curious how Service Providers of Shibboleth avoid downtime in their Shibboleth Service when installing/updating Metadata files within their configuration. I have seen a few websites offer the ...
- 349
0
votes
1
answer
1k
views
Shibboleth upgrade - deprecated features in v4.1.0
I recently upgraded Shibboleth from v4.0.1 to v4.1.0. After the upgrade, I get the deprecated warning message regarding SAML2NameID. I am using this feature in "attribute-resolver.xml" conf ...
- 105
0
votes
1
answer
935
views
Apache reverse proxy pod or ingress
Currently all my microservices are deployed in single vm.I am planning to dockerize and distribute this in multiple hosts using kubernetes.
But have few queries.
1)Currently I have apache proxy ...
- 383
0
votes
1
answer
258
views
Shibboleth - is there a way to configure Access Control as either/or logic?
I have a Shibboleth implementation where, in my shibboleth2.xml file, my Host section has an AccessControl Rule that requires a isMemberOf for a group and this works great.
If I add another rule for a ...
