Skip to Content.
Sympa Menu

edugain-discuss - Re: [eduGAIN-discuss] Assistance with Integrating Shibboleth IDP with Azure AD

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive

Re: [eduGAIN-discuss] Assistance with Integrating Shibboleth IDP with Azure AD


Chronological Thread 
  • From: Chris Phillips <Chris.Phillips AT canarie.ca>
  • To: Andreas Theodorou <andreas.theodorou AT cynet.ac.cy>, 'Davide Vaghetti' <davide.vaghetti AT garr.it>, "'edugain-discuss AT lists.geant.org'" <edugain-discuss AT lists.geant.org>
  • Subject: Re: [eduGAIN-discuss] Assistance with Integrating Shibboleth IDP with Azure AD
  • Date: Fri, 5 May 2023 12:50:14 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=canarie.ca; dmarc=pass action=none header.from=canarie.ca; dkim=pass header.d=canarie.ca; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=W/P6DCQsvt9TchZpcpRvBHTEVRbT6jM44THJxPvWKmw=; b=bFMCCYS3NVKs4i7ycBZ9m33yaIJr/nheJufbcpjd3eNErKhXjtrQgQ/1+Yi4mPgVC4YGFiRlvy8utSm7hmyrveEexe3bhvJ6X3QIpSisi6oc97bTxpAQtekRnqsIoj8K1P2eUTMhEIBw6yiAVBBYZWyUAGPwdB3gHW4KcDAKmQxaEhP8Jtx1yWUAovwohfi/CxVHXatCIjGwoSQoXF0ULi4hin04ADCogJ8Kzmpo5tUBAmydHAIrt5X7qAi94JOSx0h9u1vdviVKY+yvkUJ++k/mSUa5tFTR5xlnGWhVzrqZnsWqfs7dbrIRx0jQoD0RIr0pyrVcl/IeY8EDDNzyEQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=OnGJa+/FB6vAYZBqjr/u1rrb9SKfc2ori3keLSei52qgw+w9B6d4qeR0w2vV7ML/uKn+Y2pZTrDBFwlizqV1YzSFH1q/A8nsnPYCq7yPIdCCZRLXh0QdZVHt+IDBNnBBuudsg6c+3O+RPDd9QXOwaMY1aZaI0q7EWEXw9hpLqDOHNTLVYjlBFCFpLh+Myf2uyDRczzQ9Xy9Gm1VN5a6KfPy/2DK1Ox+Zv78S7EMaIpKA1dIgHvYqH8P2cD3/JkYYGL3HSX1/gZ+PcIPZhRyeolEDKu2+g9XsTmF9uB/WougdRPfNsV5E4fqTxxRRg77vQoibiGVC3rS9H1ILeAHWMg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=canarie.ca;

Hi.

Written as Davide wrote his reply just now ..

 

This discuss list is not a support list and Scott C’s comments are on point.. the Shib docs on proxying are the reference material.

 

As the Shibboleth team is pacing faster on improvements and enhancements (a great thing!) it ages the contributed guidance thus deserving the header on the wiki version of that guidance. 

 

I have work in progress on refreshing it to align to latest (later?) versions of shibboleth as we want to exercise it with an eye on v5 coming out. We (CAF) also have a version of the document that has aged out to uplift as well.

 

I’ve reached out to you on the eduGAIN slack to see what the gap is to assist on the refresh on the doc.  Davide’s comment to the Shibboleth users list is a place to query as well but may find connecting with me on slack to be a starting place for this particular item.

 

 

Chris.

 

 

 

 

From: edugain-discuss-request AT lists.geant.org <edugain-discuss-request AT lists.geant.org> on behalf of Andreas Theodorou <andreas.theodorou AT cynet.ac.cy>
Date: Friday, May 5, 2023 at 8:18 AM
To: 'Davide Vaghetti' <davide.vaghetti AT garr.it>, 'edugain-discuss AT lists.geant.org' <edugain-discuss AT lists.geant.org>
Subject: RE: [eduGAIN-discuss] Assistance with Integrating Shibboleth IDP with Azure AD

________________________________

External This email originated from outside the organization. Use caution when following links as they could open malicious web sites.
________________________________



Dear Davide,

Thanks for the documentation you have provided but I have already reviewed it and realized that it is applicable for older versions of IdPs and is not applicable to the version we are currently using, which is 4.3.

The configuration files referred in the specific guide, are missing from IdP 4.3.

I was wondering if anyone could provide some guidance on what changes must be made so that to make it applicable for the newer versions.

I would be grateful for any advice and support you may have regarding this.

Kind regards,
Andreas Theodorou.

-----Original Message-----
From: Davide Vaghetti <davide.vaghetti AT garr.it>
Sent: 04 May 2023 10:42
To: Andreas Theodorou <andreas.theodorou AT cynet.ac.cy>; 'edugain-discuss AT lists.geant.org' <edugain-discuss AT lists.geant.org>
Subject: Re: [eduGAIN-discuss] Assistance with Integrating Shibboleth IDP with Azure AD

Dear Andreas,

there is a very complete guide on how to integrate the Shibboleth IdP with Azure AD on the Shibboleth wiki:


https://shibboleth.atlassian.net/wiki/spaces/KB/pages/1467056889/Using+SAML+Proxying+in+the+Shibboleth+IdP+to+connect+with+Azure+AD

Cheers,
Davide

On 04/05/23 09:28, Andreas Theodorou wrote:
> Dear Community,
>
> I am currently working on integrating Shibboleth IdP with Azure Active
> Directory to enable SSO for our organization's users. However, I have
> been unable to find any relevant resources on how to accomplish this.
>
> Also, as you already know, the documentation provided by eduGAIN, only
> provides information on integrating with OpenLDAP and AD.
>
> I'm reaching out to the community to see if anyone has experience or
> expertise in integrating Shibboleth IDP with Azure AD, or if you could
> suggest any sources of information that could help.
>
> Any support or guidance you can provide would be appreciated.
>
> Kind regards,
>
> Andreas.
>

--
Davide Vaghetti
Consortium GARR
Mobile: +393357779542
Skype: daserzw

Attachment: smime.p7s
Description: S/MIME cryptographic signature




Archive powered by MHonArc 2.6.24.

Top of Page