I am not familiar enough with how AUTH works but can offer a perspective that might help to the level you want AUTH to support AD or SAML2 SSOs.
In both AD and SAML using the Shibboleth IIS Plug-in, you are in essence designating a protected folder on the IIS web-server to require authentication. In other words, if you land to that protected folder and are NOT authenticated, IIS presents to the user an IIS generated Challenge/Response screen to enter credentials for AD or sends you to the IDP server (which can be any SAML2 IDP such as Shibboleth, ADFS, Azzure, Google, Okta... ) for authentication. In both cases once IIS determines you are authenticated (not the web-app), you ultimately are redirected back to the protected folder as an authenticated user. As an authenticated user, your browser header now has your login id in the header for AD and whatever identity attributes are released from the IDP server such as login id, emaiil, employee number, full name, shoe size... The catch to SAML2 is the identity attributes can be whatever you agree to in the initial configuration. My point is authentication is managed at the web-server and does not need to be in the web application. What does need to be in the web application, if AUTH is to be used, is some sort of mapping of the browser header variables to appropriate columns and extending the data model if additional identity attributes are needed once the user is authenticated. Perhaps I am over simplifying! Hope this helps! On Sunday, August 18, 2019 at 1:35:32 AM UTC-4, Massimo Di Pierro wrote: > > web2py or py4web? I could use some help getting it to work for py4web. > > On Thursday, 1 August 2019 07:08:10 UTC-7, Davidiam wrote: >> >> We are working on a Shibboleth implementation now. So far it is working >> better than the other tests we did on Windows. >> >> We wanted to test it using a localhost Shibboleth sp and idp but it >> wasn't clear to us how we needed to configure it. >> >> Thanks for the tip! >> >> -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/web2py/fc1d4032-47a5-4ad0-aeb0-59b0eced0d64%40googlegroups.com.
