Hi All,

I have put together a Go based proof of concept SPOE agent that also
implements a SAML 2 Service Provider (SP) in order to do "SSO" in

The code is located here:


The basic process is that SPOA is used to check if the user is logged
in or not and then based on the set variables you can make decisions
via "http-request" rules.

This originally started out without the SPOE part and was using the
Lua http-auth-request script
(https://github.com/TimWolla/haproxy-auth-request), however with the
release of the Go SPOE package
(https://github.com/Aestek/haproxy-connect/tree/master/spoe) I rewrote
it based on that.

Our use case is to have the SP pointed to a IdP in Azure so we can do
single-sign-on to Office 365 and we have "http-request" rules in place
to set some custom headers that our application uses for
authentication/authorisation.  These are set based on the variables
that come back from the SPOA, which come from the claims in the
authentication process.

Hopefully this is of some use to people.

Any feedback and constructive criticism is welcome.

Andrew Heberle

Reply via email to