8:06 p.m.
Hello Gustavo,
SATOSA defines "frontends" that have an IdP-like interface, and
"backends" that have an SP-like interface. With this in mind you
would need a frontend that knows how to handle SAML2 and a
backend that either, knows how to make a SAML1 authentication
request and how to handle the SAML1 response or, knows how
to make the proper calls to fulfil the custom API.
This means that SATOSA can probably be used to do both, but you have
to provide those backends. SATOSA's support for SAML is based on the
pysaml2 library, which -by its name- supports only SAML2. So, you either
have to write a backend that knows SAML1, or implement your custom
API as you wish.
Cheers,
On Wed, 26 Feb 2020 at 17:21, Gustavo Duarte <gus.duarte at gmail.com> wrote:
We have an IDP which supports SAML1 and Proprietary rest API working since several years
ago.
Now we should integrate a new Service Providers through an ADFS (Active Directory
Federation Service).
Since ADFS supports only SAML2, we are facing to adapt our IDP to SAML2. Convert or
modify our current IDP, isn't an option, so the solution must be by building an
external module between the ADFS and IDP.
Escenario 1)
SP <---> ADFS <---- (SAML2)----> {GW} <---(SAML1)---> IDP.
Escenario 2)
SP <---> ADFS <---- (SAML2)----> {GW} <---(Custom REST API)---> IDP.
My questions,
Is the SATOSA suitable to work as GW in one of these escenarios ?
What documentation can i start to read ?
Thanks you very much !!
_______________________________________________
Satosa-dev mailing list
Satosa-dev at lists.sunet.se
https://lists.sunet.se/listinfo/satosa-dev
--
Ivan c00kiemon5ter Kanakarakis >:3