Integrate GLUU with ADFS

By: Krishnan Gopal user 09 Dec 2019 at 8:22 a.m. CST

4 Responses
Krishnan Gopal gravatar
Hi, We have a up and running GLUU setup with customized login/ authentication mechanism with Thumbsignin. Can someone please suggest us how to use this GLUU setup with ADFS ? Basically, the service provider points to ADFS and it is asking for username and password to login. Now I need to replace that login with GLUU. I couldn't find any relevant setup documents for the same. My Expectaion is as follows, * All the SP will configured to talk with ADFS * The ADFS will redirect the user to GLUU instead of ADFS login page. * User will enter the username and password in the GLUU login page and submit for authentication * Once authentication succeed at GLUU the result should be submitted back to ADFS * Now ADFS will have a token created for the user and grant access to Service provider. Can someone please suggest me on how to proceed ? Thanks in Advance.
Ubuntu 16.04
closed

Answers

By Michael Schwartz Account Admin 09 Dec 2019 at 10:53 a.m. CST

Copy
Michael Schwartz gravatar
We have customers who are doing this. But isn't it really more of a question about how to configure ADFS as an SP / Proxy? Is it possible for the application to hit the Gluu Server as the SAML IDP instead of ADFS?

By Aliaksandr Samuseu staff 09 Dec 2019 at 11 a.m. CST

Copy
Aliaksandr Samuseu gravatar
Hi, Krishnan. Please consider points made by Michael above. I could try to build a proof of concept setup for this use case. Please let me know what kind of ADFS deployment do you use - the more details the better. If it's a stand-alone, on premises kind of deployment (not a cloud solutions), let me know what Windows Server / ADFS version it is.

By Krishnan Gopal user 10 Dec 2019 at 1:23 a.m. CST

Copy
Krishnan Gopal gravatar
Hi Alia, We are using ADFS 3.0 - Windows Server 2012 R2 , right now it is deployed at AWS cloud.

By Mohib Zico staff 17 Dec 2019 at 12:13 p.m. CST

Copy
Mohib Zico gravatar
`ADFS as SP` --> Get ADFS metadata --> Use that metadata to configure [trust relationship](https://www.gluu.org/docs/ce/3.1.4/admin-guide/saml/#create-a-trust-relationship) in Gluu . That's how I would move forward if it's SAML.

Post an answer