[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-users
Subject:    Re: Pass authentication to another application
From:       Peter Schober <peter.schober () univie ! ac ! at>
Date:       2018-09-18 8:27:05
Message-ID: 20180918082704.llup7q5m2b2v6rpe () aco ! net
[Download RAW message or body]

* Rob Brooks <rbrooks@biz-tech-solutions.com> [2018-09-17 22:52]:
> Hello, I use shibboleth SP to authenticate against a PING Federated IdP
> (not in my control) for my web application.  I want to provide a link in my
> application that then passes this authentication on to another
> application.  Can you help me to understand this process flow?  The 3rd
> party application that needs authentication has its own SSO SP (not sure of
> product) and I have the ear of their developers and can suggest workflow.
> The Ping Federated server would be harder to implement change with.

Sounds to me that other application should simply become yet another
SAML SP federated with the same (or any other) SAML IDP.
Does not change your existing SP and does not require proxying.
-peter
-- 
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]