Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Shibboleth SP with Azure AD

Bob Lee
Gregor Bračko
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
July 26, 2022

Hi,

i have integrated shibboleth SP to my codeigniter app.

The first problem i have is that i can't acces www.example.com/Shibboleth.sso.. because it is returning 404.

Then i made a workaround and created a new folder in apache's default directory (for me var/www/html/xxx/yyy/zzz/shibdemo) and created a .htaccess file with this properties:

AuthType shibboleth
<IfVersion < 2.3>
ShibCompatWith24 On
</IfVersion>
ShibRequestSetting requireSession true
require shib-session

 

My shibboleth2.xml:

->  <ApplicationDefaults entityID="https://example.com/shibdemo" signing="true"
encryption="false"
REMOTE_USER="SHIB_EPPN eppn persistent-id targeted-id"
cipherSuites="DEFAULT:!EXP:!LOW:!aNULL:!eNULL:!DES:!IDEA:!SEED:!RC4:!3DES:!kRSA:!SSLv2:!SSLv3:!TLSv1:!TLSv1.1">

-> <SSO entityID="https://sts.windows.net/yyyyyy-aaaaaa-hhhhhhh-xxxxxxx/"
discoveryProtocol="SAMLDS" discoveryURL="https://ds.example.org/DS/WAYF">
SAML2
</SSO>

-><MetadataProvider type="XML" validate="false" path="partner-metadata.xml"/>

I created metadata file with shib-metagen command and uploaded them to my azure non gallery app and then downloaded federation metadata, saved as partner-metadata.xml

 

Now my Reply url is set as https://example.com/shibdemo/Shibboleth.sso/SAML2/POST


Now if i access www.example.com/shibdemo it redirects me to login page for microsoft. But after login i get error -> url mismatch because saml request (response) is pointing to https://example.com/Shibboleth.sso/SAML2/POST. And if i change reply url to that url i once again get 404 error.

Please somebody help me:)

 

Answer
Watch
Like Be the first to like this
1226 views

1 answer

0 votes
Visshal
Visshal
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 26, 2022

Are you going through the hierarchy of the following ?

As a pre-requisite to starting the steps below, please review the benefits, user experiences, and requirements of single sign-on in Prepare for single sign-on
  1. Run through the detailed instructions in Configure Shibboleth for use with single sign-on.
  2. Install Windows PowerShell for single sign-on with Shibboleth 
  3. Set up a trust between Shibboleth and Azure AD 
  4. Follow the detailed instructions in Directory synchronization roadmap  to prepare for, activate, install a tool, and verify directory synchronization.
  5. Verify single sign-on with Shibboleth

Thanks

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.