Changes between Version 4 and Version 5 of BbConnect


Ignore:
Timestamp:
09/06/12 10:04:12 (12 years ago)
Author:
dabantz@…
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • BbConnect

    v4 v5  
    1212 
    1313see "Connect SSO Implementation Manual" (too large to attach) 
     14 
     15BBC uses "unsolicited" or "IdP initiated" SSO.  That means that, rather than responding to a user's request and redirecting the user's browser to the IdP for authentication and attributes, BBC requires us to send a SAML assertion with user authentication and required attributes.  This is accomplished in the Shibboleth IdP by setting up a URL that invokes a profile (or "end point") specifically for unsolicited SSO ("idp/profile.SAML2/Unsolicited/SSO") and includes the (encoded) relying party entity id above. 
     16 
     17For BBC entity above, that URL is: 
     18https://idp.alaska.edu/idp/profile/SAML2/Unsolicited/SSO?providerId=https%3A%2F%2Fssostg.blackboardconnect.com%2FSAML%2FConnect%2FB46C75BF139144349190F775C38F05A9  
     19 
     20 
     21[[https://wiki.shibboleth.net/confluence/display/SHIB2/IdPUnsolicitedSSO|Shibboleth wiki IdPUnsolicitedSSO]] 
     22 
     23[[http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0-cd-02.html|SAML 2 Technical Overview]] see §5.1.4