TechQA.

Shibboleth - Secure different URLs with different IdPs

182 views Asked by At

We have a server that is going to have different web applications for different clients.

I need to be able to secure one web app with one IdP, and another web app with a different IdP. Sich as below:

"my.host.com/webapp1" with thier.IdP.com "my.host.com/webapp2" with thier.IdP2.com

How do I configure this? I'm assuming I need to do something in my shibboleth2.xml. But I'm confused where I'm supposed to secure one path and tie it to one IdP.

I think it's implied, but these are 2 different customers and there should be no sort of cross talk (i.e. using one IdP doesnt allow you to to get into the other web app, and vice versa).

metadata saml-2.0 shibboleth
Original Q&A
1

There are 1 answers

0
samottenhoff On

I'm assuming I need to do something in my shibboleth2.xml.

Your shibboleth2.xml should contain references to multiple IdPs probably through ApplicationOverride stanzas.

I need to be able to secure one web app with one IdP, and another web app with a different IdP

Your Apache HTTPD configuration should direct the user to the correct Shibboleth EntityId based on path. For example:

<Location /customer/aaa>
  AuthType shibboleth
  ShibRequireSession On
  ShibRequestSetting entityId https://idp.customeraaa.com/idp/shibboleth
  require shibboleth
</Location>

Related Questions in METADATA

Related Questions in SAML-2.0

Related Questions in SHIBBOLETH

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions