Re: Proof of concept SPOE based SSO solution

2019-07-08 Thread Igor Cicimov
On Fri, Jul 5, 2019 at 11:12 AM Andrew Heberle wrote:

> Hi All,
>
> I have put together a Go-based proof of concept SPOE agent that also
> implements a SAML 2 Service Provider (SP) in order to do "SSO" in
> HAProxy.
>
> The code is located here:
>
> https://gitlab.com/andrewheberle/go-http-auth-sso
>
> The basic process is that SPOA is used to check if the user is logged
> in or not and then based on the set variables you can make decisions
> via "http-request" rules.
>
> This originally started out without the SPOE part and was using the
> Lua http-auth-request script
> (https://github.com/TimWolla/haproxy-auth-request), however with the
> release of the Go SPOE package
> (https://github.com/Aestek/haproxy-connect/tree/master/spoe) I rewrote
> it based on that.
>
> Our use case is to have the SP pointed to an IdP in Azure so we can do
> single-sign-on to Office 365 and we have "http-request" rules in place
> to set some custom headers that our application uses for
> authentication/authorisation.  These are set based on the variables
> that come back from the SPOA, which come from the claims in the
> authentication process.
>
> Hopefully this is of some use to people.
>
> Any feedback and constructive criticism is welcome.
>
> --
> Andrew Heberle
>
>
Thanks for sharing Andrew!

Cheers,
Igor


Proof of concept SPOE based SSO solution

2019-07-04 Thread Andrew Heberle
Hi All,

I have put together a Go-based proof of concept SPOE agent that also
implements a SAML 2 Service Provider (SP) in order to do "SSO" in
HAProxy.

The code is located here:

https://gitlab.com/andrewheberle/go-http-auth-sso

The basic process is that SPOA is used to check if the user is logged
in or not and then based on the set variables you can make decisions
via "http-request" rules.

This originally started out without the SPOE part and was using the
Lua http-auth-request script
(https://github.com/TimWolla/haproxy-auth-request), however with the
release of the Go SPOE package
(https://github.com/Aestek/haproxy-connect/tree/master/spoe) I rewrote
it based on that.

Our use case is to have the SP pointed to an IdP in Azure so we can do
single-sign-on to Office 365 and we have "http-request" rules in place
to set some custom headers that our application uses for
authentication/authorisation.  These are set based on the variables
that come back from the SPOA, which come from the claims in the
authentication process.

Hopefully this is of some use to people.

Any feedback and constructive criticism is welcome.

-- 
Andrew Heberle
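
A sketch of the HAProxy side of the setup described in the message above, added here as an example and not taken from the go-http-auth-sso project. The engine name, the variable names (`is_logged_in`, `user`, `groups`), the header and cookie names, and all paths and ports are assumptions.

```haproxy
# --- haproxy.cfg (constructed example; names, paths and ports are assumptions) ---
frontend www
    mode http
    bind :8080
    filter spoe engine auth config /etc/haproxy/spoe-auth.cfg

    # Remove any client-supplied copies of the identity headers first, so the
    # application only ever sees values that HAProxy set from the agent's reply.
    http-request del-header X-Auth-User
    http-request del-header X-Auth-Groups

    # An unset variable yields no sample, so this ACL is false and the request
    # is refused if the agent is down or times out (fails closed).
    acl logged_in var(txn.auth.is_logged_in) -m bool
    http-request deny unless logged_in

    # Hypothetical variables assumed to be filled by the agent from SAML claims.
    http-request set-header X-Auth-User   %[var(txn.auth.user)]
    http-request set-header X-Auth-Groups %[var(txn.auth.groups)]
    default_backend app

backend app
    mode http
    server app1 127.0.0.1:8000

backend spoa-auth
    mode tcp
    timeout connect 1s
    timeout server  30s
    server agent1 127.0.0.1:9000

# --- /etc/haproxy/spoe-auth.cfg ---
[auth]
spoe-agent auth-agent
    messages check-session
    option var-prefix auth
    timeout hello      2s
    timeout idle       2m
    timeout processing 1s
    use-backend spoa-auth

spoe-message check-session
    args cookie=req.cook(sso_session)
    event on-frontend-http-request
```

The `del-header` rules have to run before the `set-header` rules, and the application should accept these headers only on connections coming from HAProxy.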