[Mono-aspnet-list] [Spam] Integrating/Authentication ASP .NET application(s) to/with Shibboleth
Ryan Davis
ryan at acceleration.net
Fri Jul 26 14:19:08 UTC 2013
Shibboleth is a complicated system, but you can break it down into a few
parts. Grossly oversimplifying:
* Identity provider (IdP) - this service handles authentication; your
users type in their username and password here.
* Service Provider (SP) - this service runs on the same server as your
ASP.NET application, and talks back and forth with the IdP. You tell
the SP what URLs are protected, and the SP intercepts HTTP traffic,
redirecting people to the IdP for authentication first if someone
requests for a protected URL. When the IdP authenticates the user,
it redirects back to your SP with data about the authenticated user
(e.g. username). The SP adds this information as custom HTTP
headers, then finally sends the request to your ASP.NET application
* The ASP.NET application looks in HttpRequest.Headers for information
about the logged in user
What you do with it from there is up to you. If you're using ASP.NET
MVC, it's pretty easy to make an AuthorizeAttribute that looks to the
headers; if you're using ASP.NET webforms maybe you have a
Begin_Request() in your global.asax.cs that reads the headers and sets
HttpContext.User.
Most of the work with getting Shibboleth setup is in running the SP
daemon and establishing trusted connections with the IdP - there's some
metadata and key exchanges that you need to work out with the folks
running the IdP, and then they need to explicitly authorize your SP. You
should ask on shibboleth mailing lists
<http://shibboleth.net/community/lists.html> for help with that. It's
not that difficult, it's just a lot of nitty-gritty details that all
have to match perfectly.
Good luck,
Ryan Davis
Director of Programming, Acceleration.net
2837 NW 41st Street, Unit 320
Gainesville, FL 32606
352-335-6500 x124
http://www.acceleration.net
On 07/26/2013 08:31 AM, Gilles Badouet wrote:
> Hello all,
>
> I am new in this mailing list.
> Can anyone here describe me how to integrate an ASP .NET application
> to Shibboleth, indeed for the authentication mechanism.
> I would like to do so, but don't know how to proceed, the steps to
> follow ... I read Shibboleth documentation, but still I cant
> understand what are the processes.
>
> I would appreciate if anyone here can help me by providing few steps
> to follow and if possible how; or any links providing such
> implementations examples.
>
> Kind regards
>
> Gilles Rubens Badouet
>
> Student ID: 3940347
>
> Faculty of Engineering and Computing
>
> MSc Network Computing Course
>
> Mobile: 07424486426
>
>
>
> _______________________________________________
> Mono-aspnet-list mailing list
> Mono-aspnet-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-aspnet-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ximian.com/pipermail/mono-aspnet-list/attachments/20130726/8c46f91c/attachment.html>
More information about the Mono-aspnet-list
mailing list