Using caddy Authorize plugin against a Shibboleth IDP

I have successfully added SAML authentication to an Apache server. The IdP I use implements SAML via Shibboleth. Now I want to migrate the server to Caddy. That’s how I discovered the authorize plugin.

The plugin uses the crewjam/saml package. I have used that before successfully on standalone golang server against the same IdP I want to use for my Caddy server. It should work fine.

There is one caveat though. The current Apache configuration uses two different set of keys for signing and encrypting.

My questions are:

  1. Can I use caddy authorize plugin to authenticate my domains/endpoints against my SAML IdP?
  2. Can I use the two separate set of keys to setup the SAML flow or I have to use the same keys for signing and encrypting?

Thank you,

1 Like

You’ll get better help with this by asking on the caddy-security repo itself

1 Like

Thank you. Question posted here.

This topic was automatically closed after 30 days. New replies are no longer allowed.