1
votes

I have "implemented" (sometimes it works, sometimes not) a Shibboleth SP (Service Provider), which I've read is an implementation of SAML 2.0. Now my boss has asked me if we can also implement SSO (single sign on) via SAML 2.0 in our web application.

Since Shibboleth is just an implementation of SAML 2.0, can I just use that somehow? Do I just need to edit some files to support an additional IdP (Identity Provider) that's not a Shibboleth IdP?

I've read that there are numerous third-party components that use WIF (Windows Identity Foundation) to implement the SAML 2.0 SP. Is it better to just use these third-party components instead of trying to "re-use" the Shibboleth SP for my SAML 2.0 implementation? Can I use one of these third-party components to simplify my Shibboleth SP implementation? (It is SUCH a pain to configure and is the bane of my existence.)

1 Answer

1
votes

I don't exactly understand what you've done so far with the Shibboleth SP, but I assume you've configured a Shibboleth SP in your application to communicate with a Shibboleth IdP.

In that case, it should be possible to configure the Shibboleth SP to communicate with another IdP too.

When using ASP.NET, Shibboleth can be quite awkward to work with, as it doesn't integrate very well with the ASP.NET environment. You might want to look at other Service Providers. Kentor.AuthServices is an open source SP for ASP.NET. There are also several commercial options available.

Disclaimer: I'm the author of Kentor.AuthServices.
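
As an added illustration of the answer's point about pointing the Shibboleth SP at another IdP (this fragment is not from the answer's author or the Shibboleth project), here is a sketch of the relevant part of `shibboleth2.xml`. All entity IDs, URLs and file names are placeholders, and the fragment assumes the second IdP publishes standard SAML 2.0 metadata.

```xml
<!-- Fragment of shibboleth2.xml; every entityID, URL and file name is a placeholder. -->
<ApplicationDefaults entityID="https://sp.example.org/shibboleth"
                     REMOTE_USER="eppn persistent-id">

  <Sessions lifetime="28800" timeout="3600"
            handlerSSL="true" cookieProps="https">
    <!-- Default IdP used when the application does not name one.
         A different IdP can be chosen per request with
         /Shibboleth.sso/Login?entityID=<the other IdP's entityID>. -->
    <SSO entityID="https://shib-idp.example.org/idp/shibboleth">SAML2</SSO>
  </Sessions>

  <!-- Existing Shibboleth IdP: remote metadata, accepted only if its
       signature verifies against a certificate obtained out of band. -->
  <MetadataProvider type="XML"
                    url="https://shib-idp.example.org/idp/shibboleth"
                    backingFilePath="shib-idp-metadata.xml">
    <MetadataFilter type="Signature" certificate="shib-idp-signer.pem"/>
  </MetadataProvider>

  <!-- Additional non-Shibboleth SAML 2.0 IdP: a local metadata file that
       was received over a trusted channel. The SP trusts only the signing
       keys listed in this metadata for that IdP's assertions. -->
  <MetadataProvider type="XML" path="other-idp-metadata.xml"/>

</ApplicationDefaults>
```

The second IdP will often release attributes under different names, so `attribute-map.xml` usually needs matching entries before the application sees them.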