0

I have requirement were the user's were already joined to domain logged in using the same credential from ldap server, they don't want to enter it again to login into shibboleth SSO, so I searched over Shibboleth document, it already has support for SPNEGO based login.

I have to following questions:

  1. Does shibboleth server running under Cent OS support this protocol ?
  2. If it support Cent OS may I know how and were we have to configure it commuincate with Active Directory?
  3. If it does support only windows environment, may I know does it only work when windows server has to be joined in same domain?

Current Server Environment

Centos 7 Shibboleth 3.3

SAML & CAS (we using both protocol)

CoolMonster
  • 61
  • 5

1 Answers1

1

1.Yes, have a look here https://wiki.shibboleth.net/confluence/display/IDP30/SPNEGOAuthnConfiguration. It's most likelly not version dependable as SPNEGO is a core part of Kerberos implementations.

2.On the wiki page above you have tutorials (like http://www.grolmsnet.de/kerbtut/) to test and understand it better.

3.It supports both windows and non windows, on the wiki they do have examples for both

Have a look at authentication providers on Centos, create the users, SPN on a mock Windows AD, then you should be fine.

Alex H
  • 1,814
  • 11
  • 18