ADFS, Shibboleth/IIS and Peoplesoft Integration


Eric Patag
Hi All,

In reference to the above-mentioned subject, I've been trying to set up these 3 applications; however, I have issues integrating them.

My VM setup:
1- VM (AD)
1- VM (ADFS)
1- VM (Peoplesoft, IIS, Shibboleth)

My sample testing:
I successfully tested and configured the connectivity between ADFS 2.5 (IdP) and Shibboleth 2.6 (SP), and can thus access my sample Microsoft application via this URL configured in IIS: https://peoplesoft-851.yobibyte.local/secure. (I have just tried to familiarize myself with Shibboleth, as it is my first time setting this up.)

To continue with my setup, I configured and successfully set up IIS as a Reverse Proxy Server for Oracle Peoplesoft, as I can access the Peoplesoft application directly from IIS at https://peoplesoft-851.yobibyte.local:4434, while the actual URL of Peoplesoft is https://peoplesoft-85.yobibyte.local.

My question is: how can I add this new URL link, https://peoplesoft-851.yobibyte.local:4434/, in shibboleth2.xml? In IIS, I had created this as a new link with site ID = 2.

Here is my sample shibboleth configuration:

<ISAPI normalizeRequest="true" safeHeaderNames="true">
    <Site id="1" name="Peoplesoft-851.yobibyte.local" />
    <Site id="2" name="Peoplesoft-851.yobibyte.local" scheme="https" port="4434"/>
</ISAPI>

<RequestMapper type="Native">
    <RequestMap>
        <Host name="Peoplesoft-851.yobibyte.local">
            <Path name="secure" authType="shibboleth" requireSession="true"/>
        </Host>
    </RequestMap>
</RequestMapper>

<ApplicationDefaults entityID="https://Peoplesoft-851.yobibyte.local/shibboleth"
                     REMOTE_USER="samAccountName eppn persistent-id targeted-id"
                     cipherSuites="ECDHE+AESGCM:ECDHE:!aNULL:!eNULL:!LOW:!EXPORT:!RC4:!SHA:!SSLv2">

    <SSO entityID="http://ADFSSVR.yobibyte.local/adfs/services/trust"
         discoveryProtocol="SAMLDS" discoveryURL="https://ADFSSVR.yobibyte.local/DS/WAYF">
        SAML2 SAML1
    </SSO>


May I know what other considerations I need to configure to successfully access this new URL link, https://peoplesoft-851.yobibyte.local:4434/, through Shibboleth, so that it can forward it to ADFS for authentication? Currently, it isn't processed by Shibboleth; it just opens my Peoplesoft application via the IIS RPS.

Any advice is highly appreciated. Thanks!

Regards,
Eric
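
An added example, not part of the original post: a small audit that lists each ISAPI `<Site>` in a shibboleth2.xml excerpt and reports whether a RequestMap `<Host>` rule covers it and requires a session. The names `audit` and `endpoints` are hypothetical, the sample XML is constructed from the post, and the matching rule (a `<Host>` without `scheme` covers both http and https, without `port` only the scheme's default port) is an assumption; a `<Site>` without scheme/port is checked on the default ports as a simplification.

```python
import xml.etree.ElementTree as ET

# Constructed, well-formed excerpt modelled on the configuration in the post.
SAMPLE = """<SPConfig>
  <ISAPI normalizeRequest="true" safeHeaderNames="true">
    <Site id="1" name="Peoplesoft-851.yobibyte.local"/>
    <Site id="2" name="Peoplesoft-851.yobibyte.local" scheme="https" port="4434"/>
  </ISAPI>
  <RequestMapper type="Native"><RequestMap>
    <Host name="Peoplesoft-851.yobibyte.local">
      <Path name="secure" authType="shibboleth" requireSession="true"/>
    </Host>
  </RequestMap></RequestMapper>
</SPConfig>"""

DEFAULT_PORT = {"http": "80", "https": "443"}

def local(tag):
    """Strip an XML namespace prefix such as '{urn:...}Host'."""
    return tag.rsplit("}", 1)[-1]

def endpoints(el):
    """(scheme, host, port) tuples an element covers.
    ASSUMPTION: omitted scheme = http and https, omitted port = scheme default."""
    schemes = [el.get("scheme")] if el.get("scheme") else ["http", "https"]
    return {(s, el.get("name").lower(), el.get("port") or DEFAULT_PORT[s])
            for s in schemes}

def audit(xml_text):
    """Map (site id, scheme, host, port) to a coverage status string."""
    root = ET.fromstring(xml_text)
    hosts = [e for e in root.iter() if local(e.tag) == "Host"]
    report = {}
    for site in (e for e in root.iter() if local(e.tag) == "Site"):
        for ep in sorted(endpoints(site)):
            matched = [h for h in hosts if ep in endpoints(h)]
            if not matched:
                status = "no Host rule"
            elif any(h.get("requireSession") == "true" for h in matched):
                status = "whole host protected"
            else:
                paths = [p.get("name") for h in matched for p in h.iter()
                         if local(p.tag) == "Path" and p.get("requireSession") == "true"]
                status = ("paths only: " + ",".join(paths)) if paths else "mapped, no session required"
            report[(site.get("id"),) + ep] = status
    return report

if __name__ == "__main__":
    for key, status in audit(SAMPLE).items():
        print(key, "->", status)
```

On the constructed sample, site 1 is reported as protected only under the `secure` path, and site 2 (https, port 4434) as having no Host rule under the stated assumption.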