Options to convert a Netty application to a SAML2.0 Service Provider Endpoint
I have an application using Netty 4.x framework that functions as some kind of server. The authentication must be federated, so now I need to convert it to a SAML2.0 Service Provider.
I did some research, and my concern is that in order to use existing SAML2.0 solutions, i.e. OpenAM, PingFederate, the Service Provider has to be a web application running in some kind of web container, which is not the case in my project. Is this true?
I am very new to the Single Sign-On and Federation world, I'd truly appreciate any information and tips offered.
SAML in general uses the browser to keep a common "session" between two sites.
This is done as follows:
The form posted to the SAML identity provider is automatically posted back, and the returned authentication is also an automatically posted form. A kind of cross-site scripting.
A SAML servlet filter could accept this result and put a UserPrincipal in the application request.
The configuration is not too difficult. You need your own unique key pair for your "server",
All in all it was rather time consuming. It helped to set up one's own Identity Provider too.
Apache Shiro, a security solution outside the Java EE server world, did not have a SAML solution at the time I worked on SAML.
If you got a demo IdP and SP running, it should not be too difficult to short-cut everything. Maybe using Firefox with the TamperData add-on to inspect the communication.
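An added example, not code from either post: in the SAML HTTP-POST binding the auto-posted form carries a base64 `SAMLResponse` field, so any HTTP server that can read a POST body, Netty included, can receive it. The sketch below uses only the JDK; the class name, the ACS URL and the sample response are constructed for illustration. It performs envelope checks only and does not establish who the user is.

```java
import java.io.ByteArrayInputStream;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;

public class SamlPostBindingDemo {
    static final String PROTOCOL_NS = "urn:oasis:names:tc:SAML:2.0:protocol";
    static final String SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success";

    // Pull the SAMLResponse field out of an application/x-www-form-urlencoded POST body.
    static String samlResponseField(String formBody) throws Exception {
        for (String pair : formBody.split("&"))
            if (pair.startsWith("SAMLResponse=")) return URLDecoder.decode(pair.substring(13), "UTF-8");
        throw new IllegalArgumentException("no SAMLResponse field in POST body");
    }
    // Base64-decode, then parse with DOCTYPE declarations rejected so the XML cannot load external entities.
    static Element parseResponse(String base64Xml) throws Exception {
        byte[] xml = Base64.getMimeDecoder().decode(base64Xml);
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return f.newDocumentBuilder().parse(new ByteArrayInputStream(xml)).getDocumentElement();
    }
    // Envelope checks only: correct root element, addressed to our endpoint, Success status.
    static void checkEnvelope(Element resp, String acsUrl) {
        if (!PROTOCOL_NS.equals(resp.getNamespaceURI()) || !"Response".equals(resp.getLocalName()))
            throw new SecurityException("not a samlp:Response");
        if (!acsUrl.equals(resp.getAttribute("Destination")))
            throw new SecurityException("Destination does not match this endpoint");
        Element status = (Element) resp.getElementsByTagNameNS(PROTOCOL_NS, "StatusCode").item(0);
        if (status == null || !SUCCESS.equals(status.getAttribute("Value")))
            throw new SecurityException("IdP did not report Success");
        // NOT done here: signature, Conditions and InResponseTo validation; use a SAML library for those.
    }
    public static void main(String[] args) throws Exception {
        String acs = "https://sp.example.test/saml/acs"; // constructed ACS URL (assumption)
        String xml = "<samlp:Response xmlns:samlp=\"" + PROTOCOL_NS + "\" Destination=\"" + acs + "\">"
            + "<samlp:Status><samlp:StatusCode Value=\"" + SUCCESS + "\"/></samlp:Status></samlp:Response>";
        String b64 = Base64.getEncoder().encodeToString(xml.getBytes(StandardCharsets.UTF_8));
        String body = "RelayState=abc&SAMLResponse=" + URLEncoder.encode(b64, "UTF-8"); // constructed POST body
        checkEnvelope(parseResponse(samlResponseField(body)), acs);
        System.out.println("envelope OK; hand off to signature validation");
    }
}
```

Nothing in the response may be trusted until its XML signature has been verified against the IdP's certificate.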