Shibboleth 3 IDP使用ws-fed
[英]Shibboleth 3 Idp using ws-fed
问题描述
We have Shibboleth 3.4.4 as Idp for Azure, and it works perfectly by using SAML when it comes about loging into the portal. 
我们拥有Shibboleth 3.4.4作为Azure的Idp,并且在登录门户时通过使用SAML可以完美地工作。 But when we try to enroll Windows10 devices into AAD we have the problem that it only works if the Idp is able to speak ws-fed and ws-trust 但是,当我们尝试将Windows10设备注册到AAD时,我们遇到的问题是,仅当Idp能够说ws-fed和ws-trust时,它才能工作
https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-federated-domains https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-federated-domains
We couldn't find the way to make those protocols work with shibboleth. 我们找不到使这些协议与shibboleth一起工作的方法。
Is there any tutorial or example, or walkaround that someone has been able to use in any place? 是否有任何人可以在任何地方使用的教程或示例,或者如何解决?
If it is impossible to do with Shibboleth Idp, it would be nice if someone knows other free idp wich speaks those protocols. 如果用Shibboleth Idp无法做到,那么如果有人知道其他免费的IDP会讲这些协议,那就太好了。
Thanks in advance! 提前致谢!
1 个解决方案
解决方案1
1 已采纳 2019-07-09 18:14:52
Shibboleth doesn't support WS-Federation as an identity provider. Shibboleth 不支持 WS-Federation作为身份提供者。
You can give Keycloak a shot, it supports WS-Fed passive profile (with some additional limitations) via an extension . 您可以给Keycloak做个尝试 ,它通过扩展支持WS-Fed被动配置文件(有一些其他限制)。 This may or may not be enough to manage enrollment of W10 devices into AAD. 这可能不足以管理W10设备到AAD的注册。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.