任何用于 Shibboleth 身份验证的 Java 应用程序? [英] Any java application for Shibboleth Authentication?

问题描述

我想对我的 Web 应用程序使用 shibboleth 身份验证.是否有任何示例 java 应用程序告诉如何逐步使用 shibboleth 身份验证.

I want to use shibboleth authentication for my web application. Is there any sample java application which tell how to use shibboleth authentication step by step.

我已经安装了 shibboleth，但仍然不知道如何使用它.

I have installed shibboleth but still didn't get idea how to use it.

推荐答案

我假设你必须使用 Service Provider

I assume you have to use Service Provider

使用 testshib 以简单的方式测试您的应用.

Use testshib to test your app in an easy way.

按照步骤操作

1. 在您的机器上下载并安装 sp
2. 将 shibboleth 的配置包含到您的 apache 中2.1.在 httpd.conf 文件中添加包含PATH/opt/path/etc/apache22"(如果版本是 apache2.2，否则适用)
3. 在 apache22.config 文件中添加您想要保护的位置 - 默认为/secure
4. 在您的 shibboleth2.xml 文件(在 etc 文件夹中)中放置您的实体 ID(应用程序默认元素)，例如 https://mywebsite.com/shibboleth - 这可以是任何东西，不一定是真正的路径
5. 将您的 idp 的实体 ID 放在 sso 元素中，如果是 testshib，它将是 https://idp.testshib.org/idp/shibboleth
6. 在元数据提供者中，将 idp 的元数据 uri 放入您的 idp 的元数据 urn，以防 testshib 为 http://www.testshib.org/metadata/testshib-providers.xml
7. 从 https://mywebsitehost.com/Shibboleth.sso/Metadata 下载您的元数据- 这里 mywebsitehost 将是一个真正的主机，其余路径将由 shibboleth 自动配置 - 此路径将下载您的 sp 的元数据文件
8. 通过注册将元数据文件上传到 testshib

1. download and instal sp on your machine
2. include shibboleth's configuration into your apache 2.1. into httpd.conf file add include "PATH/opt/path/etc/apache22"(if version is apache2.2, otherwise appropriate)
3. in apache22.config file add the location you want to secure - it would be /secure bydefault
4. in your shibboleth2.xml file (in etc folder) put your entity id(application defaults element), ex https://mywebsite.com/shibboleth - this can be anything, not neccessary a real path
5. put entity id of your idp in sso element, in case of testshib it would be https://idp.testshib.org/idp/shibboleth
6. in the metadata provider put idp's metadata uri to your idp's metadata urn, incase testshib it would be http://www.testshib.org/metadata/testshib-providers.xml
7. Download your metadata from https://mywebsitehost.com/Shibboleth.sso/Metadata - here mywebsitehost would be a real host and rest path will be automatically configured by shibboleth - this path will download your sp's metadata file
8. Upload your metadata file to testshib via register

你准备好了.转到 https://mywebsitehost.com/secure，您应该会被重定向到 idp 以进行身份​​验证.

You are ready to go. Go to https://mywebsitehost.com/secure and you should be redirected to idp to authenticate.

注意:确保您的域名配置了 ssl(https)

NOTE: Make sure you have a domain name configured with ssl(https)

这篇关于任何用于 Shibboleth 身份验证的 Java 应用程序?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！