Project Moonshot

does Moonshot help to bridge identity provider

Asked by tony

Thanks for your attention.
we have some services which only support RADIUS and another identity provider which supports SAML.
now we'd like to use SSO based on SAML to access RADIUS services.
is Moonshot able to help?
sorry if that's not clear to you.
thanks in advance.

Question information

Language:
English Edit question
Status:
Answered
For:
Project Moonshot Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Sam Hartman (hartmans) said : 		#1

Some of the Moonshot technology and some software in the moonshot community could be useful here. In particular, your radius server could use an EAP method that gets you a password to the RADIUS server, then use SAML ECP to talk to your SAML SSO implementation to get an assertion and authenticate the user. The attributes defined in draft-ietf-abfab-aaa-saml could be used to carry the resulting assertion back to your radius service if that would be useful. I recommend you bring this use case up on the <email address hidden> list and see what people think.

Can you help with this problem?

Provide an answer of your own, or ask tony for more information if necessary.

To post a message you must log in.