如何将 SAML 集成到我的 Rails 应用程序中?
我有一个 Rails 应用程序,目前是我客户的 SSO 身份提供商的附属网站。目前它使用 CA SiteMinder Affiliate Agent,这是一个 apache 模块。底层的 SSO 架构被抽象出来,我的 Rails 应用程序只需解析 HTTP 标头即可从客户的身份服务器接收值。我现在必须将我的站点从 SiteMinder Apache 模块转换为使用 SAML。有谁有这应该如何实施的经验?是否有一个 Apache 模块可以继续我现在习惯的抽象,或者我的 Rails 应用程序将负责解析 SAML 断言?
I have a rails app that is currently an affiliate site with my customer's SSO Identity Provider. Currently it uses the CA SiteMinder Affiliate Agent, which is an apache module. The underlying SSO architecture is abstracted away and my Rails app only has to parse and HTTP Header to receive the values from my customer's Identity Server. I now have to convert my site away from the SiteMinder Apache Module and use SAML. Does anyone have experience with how this should be implemented? Is there an Apache Module that can continue the abstraction I'm used to now, or will my Rails application be responsible for parsing the SAML assertions?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
OpenSAML 是一个库 - 它并不是 Site Minder 的真正替代品。也许您正在考虑 OpenSSO。它是一个与 Site Minder 非常相似的开源产品,支持 SAML 和 Apache。
OpenSAML is a library - it's not really a replacement for Site Minder. Perhaps you're thinking of OpenSSO. It is an open source product very similar to Site Minder that supports SAML and Apache.
我的团队在 Ruby 中实现了 SAML 协议,并且运行良好。使用一些库来计算哈希值时出现了一些小问题,但它确实有效。我不确定现在是否有更好的即插即用解决方案,但理解 SAML 身份验证过程并实现我们的部分只花了几天时间。
My team implemented the SAML protocol in Ruby and it worked well. The were some minor hiccups in using some libraries to compute hash values, but it worked. I'm not sure if there is a better plug and play solution by now, but understanding the SAML authentication process and implementing our part only took a few days.