任何用于 Shibboleth 身份验证的 Java 应用程序? [英] Any java application for Shibboleth Authentication?
问题描述
我想对我的 Web 应用程序使用 shibboleth 身份验证.是否有任何示例 java 应用程序告诉如何逐步使用 shibboleth 身份验证.
I want to use shibboleth authentication for my web application. Is there any sample java application which tell how to use shibboleth authentication step by step.
我已经安装了 shibboleth,但仍然不知道如何使用它.
I have installed shibboleth but still didn't get idea how to use it.
推荐答案
我假设你必须使用 Service Provider
I assume you have to use Service Provider
使用 testshib 以简单的方式测试您的应用.
Use testshib to test your app in an easy way.
按照步骤操作
- 在您的机器上下载并安装 sp
- 将 shibboleth 的配置包含到您的 apache 中2.1.在 httpd.conf 文件中添加包含PATH/opt/path/etc/apache22"(如果版本是 apache2.2,否则适用)
- 在 apache22.config 文件中添加您想要保护的位置 - 默认为/secure
- 在您的 shibboleth2.xml 文件(在 etc 文件夹中)中放置您的实体 ID(应用程序默认元素),例如 https://mywebsite.com/shibboleth - 这可以是任何东西,不一定是真正的路径
- 将您的 idp 的实体 ID 放在 sso 元素中,如果是 testshib,它将是 https://idp.testshib.org/idp/shibboleth
- 在元数据提供者中,将 idp 的元数据 uri 放入您的 idp 的元数据 urn,以防 testshib 为 http://www.testshib.org/metadata/testshib-providers.xml
- 从 https://mywebsitehost.com/Shibboleth.sso/Metadata 下载您的元数据- 这里 mywebsitehost 将是一个真正的主机,其余路径将由 shibboleth 自动配置 - 此路径将下载您的 sp 的元数据文件
- 通过注册将元数据文件上传到 testshib
- download and instal sp on your machine
- include shibboleth's configuration into your apache 2.1. into httpd.conf file add include "PATH/opt/path/etc/apache22"(if version is apache2.2, otherwise appropriate)
- in apache22.config file add the location you want to secure - it would be /secure bydefault
- in your shibboleth2.xml file (in etc folder) put your entity id(application defaults element), ex https://mywebsite.com/shibboleth - this can be anything, not neccessary a real path
- put entity id of your idp in sso element, in case of testshib it would be https://idp.testshib.org/idp/shibboleth
- in the metadata provider put idp's metadata uri to your idp's metadata urn, incase testshib it would be http://www.testshib.org/metadata/testshib-providers.xml
- Download your metadata from https://mywebsitehost.com/Shibboleth.sso/Metadata - here mywebsitehost would be a real host and rest path will be automatically configured by shibboleth - this path will download your sp's metadata file
- Upload your metadata file to testshib via register
你准备好了.转到 https://mywebsitehost.com/secure,您应该会被重定向到 idp 以进行身份验证.
You are ready to go. Go to https://mywebsitehost.com/secure and you should be redirected to idp to authenticate.
注意:确保您的域名配置了 ssl(https)
NOTE: Make sure you have a domain name configured with ssl(https)
这篇关于任何用于 Shibboleth 身份验证的 Java 应用程序?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!