SAML Integration

Shibboleth Guides

The key to deploying federated services is understanding Shibboleth and SAML, how the required components interact, and details on session cookies and the terminology in use.

The following articles serve as an introduction to these topics:

Starting point for installation on Linux, Windows and Mac

SP Configuration

Standard Flow

The diagram below illustrates the interaction between the user, the service provider (SP) and the identity provider (IdP).

SAML Diagram

Figure 1. Shibboleth Component Interactions

The interactions are as follows (and are referenced from Shibboleth):

  • The SP detects the user attempting to access restricted content within the resource.
  • The SP generates an authentication request, then sends that request, and the user, to the user’s IdP.
  • The IdP authenticates the user, then sends the authentication response, and the user, back to the SP.
  • The SP verifies the IdP’s response and sends the request through to the resource which returns the originally requested content.