Shibboleth Developers

["Scott Cantor" <>]

Caio Honda wrote on 2009-12-01:
> Hi,
> Im new on the group, my name is Caio, student of Computer Science and
making
> Scientific initiations, and one of my goals is to make an application
stand
> alone authenticate using Shibboleth.

As usual with this question, you have specified neither what the client
really is here or more importantly what the service you want to authenticate
to is. Because if it's not a web site you have the fundamental problem of
defining how SAML even addresses authentication within the context of the
protocol in question.

What I don't advise doing is hacking up a solution involving web browsers
and web servers to solve a problem that doesn't involve either one (if in
fact that's the case).

> So, thought about simulate
> a browser or something and make requests like an usual browser.

Very ill-advised in most cases.

> The scenary is basically, a client within a Web container, that are web
> applications such as servlets or PHP scripts, can use its container to
> redirect users to the application that need to do, then make them
> authenticate there using their local federation procedures.

If you're asking how to authenticate to a *web site* with a piece of code
that isn't a browser, an answer to that is covered here (possibly minus the
delegation related material if the client were directly controlled by a
user).

https://spaces.internet2.edu/display/ShibuPortal/Home

If that's not what you're asking, then you have to specify the problem.

But the browser profile is for a *browser* to authenticate to a web site and
for IdP authentication to be handled in a browser-friendly manner. It is not
generally suitable for addressing other problems; that's why it's called a
browser profile.
 
-- Scott