The Sitecore Shibboleth Login module – SSO one header at a time

When you start using Sitecore as an intranet you inevitably must face the identity management scenario: where are the users who are visiting the intranet going to be stored?

In most established organizations, a centralized identity management system is already in place. For a recent project, I came across the need to get Sitecore to act as a Shibboleth Service Provider and perform Single Sign-on (SSO) with a Shibboleth Identity Provider.

Shibboleth itself handles most of the heavy lifting, but there are some steps to force Sitecore to get out of Shibboleth’s way. Also, once you actually authenticate to Shibboleth you still need to authenticate to Sitecore with the header details you receive.

Enter the Shibboleth Login module, now available for download on my GitHub repository: https://github.com/jst-cyr/SitecoreShibbolethLogin

The module will get inject a pipeline handler to read the headers from Shibboleth and log in a virtual user for you with the information from the identity provider.

This has been tested against Sitecore 8.2 update 2, but I’m fairly certain that the API calls I made should work across other 8.x versions. Let me know if you find a problem getting it set up!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s