Question

I am new to the SAML world. I just installed Shibboleth SP and IdP, and made them work with each other. I am now trying to understand how everything works under the hood.

The question is: When we install SP for Apache on Windows, we can choose whether to install Shib Daemon or not. Can anybody tell me what that is used for? Is it optional to make SP work?

I have tried to google and searched old posts, but cannot find many details. My understanding is Shib SP is a module that runs on Apache (for my install), and it is responsible for:

  1. Setting up trust connection with IdP

  2. Handle request from browser, and redirect to IdP

  3. Handle response from IdP and redirect to user's real application page.

It seems to me that Shib Daemon is not involved in this work. Did I miss anything or misunderstand anything?

Thank you so much!


Solution

I can explain how it works on Linux with ShibD and Apache, and I think that will be similar to the way it works on Windows.

The ShibD process itself is what processes all of the SAML 2.0 assertions. The assertions are received by Apache, so there is a mod_shibd module for Apache that talks to the ShibD process. This allows the ShibD daemon not to reside in the same process space as Apache. Thus, you do need the Shib Daemon installed, and you also need Apache and the mod_shibd module installed so that Apache can communicate with the Shib Daemon to provide SAML Web SSO.

License: CC-BY-SA attribution
Not affiliated with StackOverflow