Google As Service Provider, Identify by SAML IdP. SSO

I want my portal to allow me to use services like Google Apps and Office 365.

In this case, Google and Microsoft are the service providers. My portal will be the IdP as I am doing the authentication. Is this correct?

I wonder how I can build my own IdP, because if I want to achieve Single Sign-On, the user can log in to my portal with the username and pw stored in my database.

However, the password of users from my portal and Google can be totally different.

For example, user in my database = id:Peter, pw:peter123, email:abc@google.com

user in Google's Database = email: abc@gmail.com, pw: peter456

How can I map those accounts to achieve Single Sign-On, allowing the user to log in only ONCE on my portal?

And then can he access Google services by just clicking the buttons linking to Gmail, Google Drive, etc. without logging in to Google accounts?

I would appreciate it if anyone could tell me more about SAML IdPs and solutions.

I am building it in PHP.

I moved a little bit forward.

I think some of my thoughts are wrong. My portal won't be the IdP.

But I will have to build an IdP server myself for communicating with my portal and Google and Microsoft.

The following link will guide you through the basic setup of a Shibboleth IdP server: https://wiki.shibboleth.net/confluence/display/IDP30/Installation

I will update if I can configure successfully. Cheers.
