Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help

       OpenXPKI::Server::Authentication::ClientSSO - support for client	based

       This is the class which supports	OpenXPKI with an authentication	method
       via an SSO mechanism on the client side of the daemon. This can be for
       example an installed Shibboleth system on the web server. Please	notice
       that you	must trust the web server in this case.	 The parameters	are
       passed as a hash	reference.

       is inherited from OpenXPKI::Server::Authentication::External

       returns (user, role, service ready message) triple if login was
       successful, (undef, undef, {}) otherwise. The message which is supplied
       as a parameter to the function should contain at	minimum	LOGIN as
       parameter. You can supply this module with preconfigured	role from the
       client SSO via the parameter pseudo_role. This parameter	can be
       processed on the	server side via	a regex	or a command to	check its

       It is higly recommended to take a look at the source code of this
       module before you blindly trust a client's SSO mechanism.  Additionally
       you have	to understand that the server in this case must	trust the
       client or the wrapper around the	client.

perl v5.32.0			OpenXPKI::Server::Authentication::ClientSSO(3)

Name | Description | Functions

Want to link to this manual page? Use this URL:

home | help