By: Kim Olsson user 16 Mar 2014 at 6:50 p.m. CDT

0 Responses
Kim Olsson gravatar
I have a set of in-house developed web applications that all use their own authentication. We want to move to one platform for authentication and authorisation. Our users usually have accounts on our federate IDP (Shibboleth) or on Google (OpenID/OpenId Connect). We want those IDP to handle authentication, but we control the authorisation. We intend to convert our in-house applications to become Shibboleth (or even OpenId Connect) SPs. What we have identified we need is an IDP Proxy/IDP aggregator. I.e. 1) the user comes to one of our SPs, 2) The SP redirects them to our IDP Proxy for authentication an authorisation 3) The IDP Proxy relays them to either the federated Shibboleth IDP or Google accounts 4) Once authenticated, a Shibboleth/SAML response is then returned back to the initiating SP. When I read the documentation, I'm confused as to what would meet our requirements. Gluu, Asimba, or Ox?