Title :
Re-engineering of web reverse proxy with shibboleth authentication
Author :
Haron, Galoh Rashidah ; Maniam, D. ; Sadasivam, V. ; Wong Hon Loon
Author_Institution :
Inf. Syst. Security Lab., MIMOS, Kuala Lumpur, Malaysia
Abstract :
Majority of web authentication is implemented using username and password mechanism. How about leveraging the Shibboleth authentication advantages as an alternative to username and password based authentication to access a live web site? This challenge is trivial if, the codes that built the external web sites are permissible to be modified. In a case where no access on the codes is available, we introduce a reverse proxy as a middleware between the Shibboleth and the web sites. As part of the solution, we re-engineer the existing web reverse proxy and create Java classes that manage and perform automated authentication to access the web site. We share the development experiences in completing the challenge which is assisted by the open source development efforts.
Keywords :
Java; Web sites; authorisation; message authentication; middleware; reverse engineering; Java classes; Shibboleth authentication; Web authentication; Web reverse proxy re-engineering; Web site access; automated authentication; live Web site; middleware; open source development efforts; password based authentication; username based authentication; Authentication; Board of Directors; Browsers; Databases; HTML; MIMO; Web sites; Security Assertion Markup Language (SAML); Shibboleth; Single Sign-On (SSO); Web proxy;
Conference_Titel :
Internet Technology And Secured Transactions, 2012 International Conference for
Conference_Location :
London
Print_ISBN :
978-1-4673-5325-0
