enabling saml 2 0 in a wiki
play

Enabling SAML 2.0 in a wiki Anders Lund (UNINETT) Andreas kre - PowerPoint PPT Presentation

Sep 17, 2023 •153 likes •314 views

Enabling SAML 2.0 in a wiki Anders Lund (UNINETT) Andreas kre Solberg (UNINETT) Software used - Dokuwiki http://wiki.splitbrain.org/wiki:dokuwiki - OpenSSO PHP Extension (lightbulb) https://lightbulb.dev.java.net/ Dokuwiki Pluggable

  1. Enabling SAML 2.0 in a wiki Anders Lund (UNINETT) Andreas Åkre Solberg (UNINETT)

  2. Software used - Dokuwiki http://wiki.splitbrain.org/wiki:dokuwiki - OpenSSO PHP Extension (lightbulb) https://lightbulb.dev.java.net/

  3. Dokuwiki Pluggable authentication modules Supports ACL lists, and is using groups for authorization.

  4. OpenSSO PHP A pure PHP5 implementation of a SAML 2.0 SP . Extremely simple installation and configuration. Implemented as proof of concept. Not feature-rich. Opensourced from Sun, modified by Feide.

  5. OpenSSO Metadata Feide Meta data Service Meta data OpenSSO meta data is in a simple format, less verbose than standard SAML 2.0 meta data format. Most inportantly: endpoints urls, entity id and cert.-info.

  6. Loading Metadata at Feide SAML 2.0 Meta data for service Contains the same info in standard SAML 2.0 meta data format.

  7. Implementing an authentication module A dokuwiki authentication module identifies whether the user is logged in or not and returns either true or false . If true it accociates the authenticated user with a list of groups the user is member of, and also sets a username and a mail address.

  8. Implementing an authentication module Load OpenSSOphp in the authmodule: Set the OpenSSO SSOinit and logout URL in a variable

  9. Implementing an authentication module Redirect to OpenSSO SSOinit URL if local session cookie does not exist. When a user does not have a local session at the service, she is redirected to the Feide IdP with SAML 2.0 authentication request (this is done by OpenSSO php). After successfull authentication the user is sent back to OpenSSO php with a response, and the OpenSSO php library will set a session cookie for you. When a user is authenticated, you can get a userid through a OpenSSO method:

  10. Dynamic group membership Retrieve attributes from OpenSSO php Generate dynamic group membership based on attributes: In addition add personal group memberships from a file:

  11. Returning from the auth module After retrieving attributes and dynamic group membership generation, we set name, mail and groups readable for dokuwiki internals and return true .

  12. Access Control List We configure access control of the wiki, using the dynamic groups. The auth module requires no local users at the wiki to map against. But optionally users can be configured custom group membership in a separate file.

  13. Login sequence OpenSSO dokuwiki.php Feide spSSOinit.php S A M L 2 . 0 A u t h R e q AssertionConsu SAML 2.0 AuthResponse IdP merService.php spSLOinit.php SingleLogoutSe PHP rvice .php Session Storage

  14. Logout sequence OpenSSO dokuwiki.php Feide spSSOinit.php AssertionConsu IdP merService.php SAML 2.0 LogouthReq e s n o p s e spSLOinit.php R t u o g o L 0 . 2 L M A S SingleLogoutSe PHP rvice .php Session Storage

  15. ?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Google<-SAML->Zscaler Integration Agenda n What is SAML? n AAA, Testing,

Google<-SAML->Zscaler Integration Agenda n What is SAML? n AAA, Testing,

Summer Webinar Series Google<-SAML->Zscaler Integration Dianne Dunlap (ddunlap@mcnc.org, 919-248-8439) Client Network Engineering Webinar Links: www.mcnc.org/cne-webinars Google<-SAML->Zscaler Integration Agenda n What is

899 views • 63 slides
WebRTC Identity in SAML Federations Mihly Mszros May 19, 2015 NIIF Institute Budapest /

WebRTC Identity in SAML Federations Mihly Mszros May 19, 2015 NIIF Institute Budapest /

WebRTC Identity in SAML Federations Mihly Mszros May 19, 2015 NIIF Institute Budapest / Hungary Agenda Education & Research Identity Federations SAML Terminology Overview of SAML auth call flow WebRTC Identity model

1.09k views • 52 slides
Wiki Wiki |wik| Etymology Coined by programmer Ward Cunningham (1949- ), from Hawaiian

Wiki Wiki |wik| Etymology Coined by programmer Ward Cunningham (1949- ), from Hawaiian

Research Wiki for ESM Wiki Wiki |wik| Etymology Coined by programmer Ward Cunningham (1949- ), from Hawaiian wiki-wiki quick-quick. What is a wiki? Wiki: Wiki |wik| a web site that allows collaborative editing of its

436 views • 14 slides
SAML 1.1 and its uses in eduGAIN Stefan Winter <stefan.winter@restena.lu> 1 Outline

SAML 1.1 and its uses in eduGAIN Stefan Winter <stefan.winter@restena.lu> 1 Outline

Fondation RESTENA euroCAMP 04 April 2006 SAML 1.1 and its uses in eduGAIN Stefan Winter <stefan.winter@restena.lu> 1 Outline SAML 1.1 overview Abstract operations vs. SAML profile Abstract operations: changes since

165 views • 14 slides
CAMPUS WIKI ANURAG MISRA DURGESH DEEP Whats a Wiki? A wiki is a type of website

CAMPUS WIKI ANURAG MISRA DURGESH DEEP Whats a Wiki? A wiki is a type of website

CAMPUS WIKI ANURAG MISRA DURGESH DEEP Whats a Wiki? A wiki is a type of website that allows users to easily add, remove or otherwise edit and change most available content In effect, a wiki is actually a very simple,

386 views • 24 slides
ICD Wiki Framework for Enabling Semantic Web Service Definition and Orchestration Dean Brown

ICD Wiki Framework for Enabling Semantic Web Service Definition and Orchestration Dean Brown

OIC 2008 ICD Wiki Framework for Enabling Semantic Web Service Definition and Orchestration Dean Brown dean.d.brown@lmco.com Dominick Profico dominick.t.profico@lmco.com Lockheed Martin Corporation Net-Centric Integration OIC 2008

125 views • 9 slides
Bridging OpenID and SAML 2.0 Andreas kre Solberg andreas@uninett.no Terminology OpenID

Bridging OpenID and SAML 2.0 Andreas kre Solberg andreas@uninett.no Terminology OpenID

Bridging OpenID and SAML 2.0 Andreas kre Solberg andreas@uninett.no Terminology OpenID Terminology OpenID OpenID OpenID Consumer Identity Provider SAML 2.0 Terminology SAML 2.0 SAML 2.0 Service Provider Identity Provider What is

427 views • 16 slides
Editing Your Wiki Adding Links on Your Wiki Adding Images to Your Wiki Adding Media to

Editing Your Wiki Adding Links on Your Wiki Adding Images to Your Wiki Adding Media to

Why Wiki? What was tried before Wiki Stevenson High School Stevenson High School The Anatomy Team The Anatomy Team Christine Christina Amerigo Collaborative Learning Traditional Carnazzola Pfaffinger Wood Lab

225 views • 4 slides
OpenID OpenID and SAML and SAML Fiona Culloch, EDINA Fiona Culloch, EDINA EuroCAMP, Stockholm,

OpenID OpenID and SAML and SAML Fiona Culloch, EDINA Fiona Culloch, EDINA EuroCAMP, Stockholm,

Shib Shibbolet oleth Develo Developmen ent a t and Su d Supp pport Services t Services OpenID OpenID and SAML and SAML Fiona Culloch, EDINA Fiona Culloch, EDINA EuroCAMP, Stockholm, 7 May 2008 EuroCAMP, Stockholm, 7 May 2008 Shib

666 views • 20 slides
A solution for Access Delegation based on SAML Ciro Formisano Ermanno Travaglino Isabel

A solution for Access Delegation based on SAML Ciro Formisano Ermanno Travaglino Isabel

A solution for Access Delegation based on SAML Ciro Formisano Ermanno Travaglino Isabel Matranga Access Delegation in distributed environments SAML 2.0 Condition to Delegate Implementation Future plans Access Delegation in distributed

666 views • 18 slides
Measuring wiki viability An empirical assessment of the social dynamics of a large sample of

Measuring wiki viability An empirical assessment of the social dynamics of a large sample of

Viable wikis Wiki dynamics Wiki growth enhancers and regulators Research directions Measuring wiki viability An empirical assessment of the social dynamics of a large sample of wiki-based communities Dario Taraborelli

543 views • 31 slides
Origins The evolution of 1999 - second oldest Wiki still going the Tclers Wiki wikit -

Origins The evolution of 1999 - second oldest Wiki still going the Tclers Wiki wikit -

Origins The evolution of 1999 - second oldest Wiki still going the Tclers Wiki wikit - written by Jean-Claude Wippler minimal markup Jos Decoster - jos.decoster@gmail.com Web + Tk renderer Steve Landers -

386 views • 10 slides
Updates Jicofo Authentication : Saml v2 Multibridge support Load balancing

Updates Jicofo Authentication : Saml v2 Multibridge support Load balancing

Updates Jicofo Authentication : Saml v2 Multibridge support Load balancing LastN Nightly support Statistics and logging system News Atlassian has just acquired Blue Jimp, Jitsi will continue to evolve as an

795 views • 17 slides
Using SCHISM Joseph Zhang 2 Primer Online manual and wiki resource: www.schism.wiki o There

Using SCHISM Joseph Zhang 2 Primer Online manual and wiki resource: www.schism.wiki o There

1 Using SCHISM Joseph Zhang 2 Primer Online manual and wiki resource: www.schism.wiki o There are beta_notes, sample files etc in each source code bundle It helps if you know a few programming/scripting languages: python, matlab,

804 views • 68 slides
quite an advanced wiki farm an overview Micha Frckowiak michal@wikidot.com MiniBar,

quite an advanced wiki farm an overview Micha Frckowiak michal@wikidot.com MiniBar,

quite an advanced wiki farm an overview Micha Frckowiak michal@wikidot.com MiniBar, London, 26 Jan 2007 Do you Wiki? Do you Wiki? WikiWiki = web pages you can edit! blogs are common, wikis are not (yet?) blog is a dynamical

405 views • 12 slides
Using SAML and XACML for Complex Resource Provisioning in Grid based Applications Yuri

Using SAML and XACML for Complex Resource Provisioning in Grid based Applications Yuri

Using SAML and XACML for Complex Resource Provisioning in Grid based Applications Yuri Demchenko, Leon Gommans, Cees de Laat System and Network Engineering Group University of Amsterdam POLICY2007 Workshop 13-15 June 2007, Bologna Outline

532 views • 25 slides
Software Architecture School of Computer Science, University of Oviedo Lab. 09 Distribution

Software Architecture School of Computer Science, University of Oviedo Lab. 09 Distribution

Software Architecture Software Architecture School of Computer Science, University of Oviedo Lab. 09 Distribution & Deployment Jose Emilio Labra Gayo Pablo Gonzlez 2019-20 Irene Cid Hugo Lebredo Software Architecture GitHub Pages

449 views • 30 slides
Todays Presenters John Chrastka Executive Director, EveryLibrary Carrie Andrew Director,

Todays Presenters John Chrastka Executive Director, EveryLibrary Carrie Andrew Director,

Todays Presenters John Chrastka Executive Director, EveryLibrary Carrie Andrew Director, Lone Cone Library District, Norwood, CO Building voter support for libraries Build Your Political Literacy Skills for Advocacy John Chrastka |

588 views • 36 slides
Building Effective Partnerships for Review January 11, 2017 About the National Center The

Building Effective Partnerships for Review January 11, 2017 About the National Center The

Building Effective Partnerships for Review January 11, 2017 About the National Center The National Center for Fatality Review and Prevention is a resource and data center that supports child death review (CDR) and fetal and infant mortality

509 views • 50 slides
Introduction to CMS Medicaid Enrollment and Utilization Data Files Gerri Barosso, ResDAC

Introduction to CMS Medicaid Enrollment and Utilization Data Files Gerri Barosso, ResDAC

Introduction to CMS Medicaid Enrollment and Utilization Data Files Gerri Barosso, ResDAC Technical Advisor About ResDAC Centers for Medicare and Medicaid Services (CMS) contractor Offer free assistance to researchers interested in using

479 views • 15 slides
WikiEducator Visualising open education futures Wayne Mackintosh, International Centre for Open

WikiEducator Visualising open education futures Wayne Mackintosh, International Centre for Open

WikiEducator Visualising open education futures Wayne Mackintosh, International Centre for Open Education, Otago Polytechnic 2009 A return to tradition? WE MUST BE FREE Share, Remix, Reuse WE MUST BE OPEN Legitimate plagiarism? 2

610 views • 24 slides
How to combine Debian and Yocto/Bitbake? Manuel Traut <manuel.traut@linutronix.de> ELCE

How to combine Debian and Yocto/Bitbake? Manuel Traut <manuel.traut@linutronix.de> ELCE

How to combine Debian and Yocto/Bitbake? Manuel Traut <manuel.traut@linutronix.de> ELCE 2017 - Prague 1. Why Yocto? What's next? 2. About Debian 3. Benefit of a combination 4. Existing solutions 5. Perfect combination 1) Why

492 views • 24 slides
Radspec is a safe alternative to Ethereum's natspec Demo Features External calls : Can perform

Radspec is a safe alternative to Ethereum's natspec Demo Features External calls : Can perform

Radspec is a safe alternative to Ethereum's natspec Demo Features External calls : Can perform calls to external contracts Safe : No DOM access at all Simple : Very familiar syntax (looks like Flow) Compatible : Most natspec

656 views • 21 slides
SRI Seminar The Nepomuk Project & Social Semantic Desktop & current state of the gnowsis

SRI Seminar The Nepomuk Project & Social Semantic Desktop & current state of the gnowsis

SRI Seminar The Nepomuk Project & Social Semantic Desktop & current state of the gnowsis http://nepomuk.semanticdesktop.org info@nepomuk.semanticdesktop.org Leo Sauermann leo.sauermann@dfki.de 7.9.2006 persona created using

888 views • 53 slides

More recommend