saml-2.0

I've seen a bunch of flow chart on how it is passed around between Identity Provider (IdP), Service Provider (SP), and Browser via Redirects. However it seems unnecessary to me right now, so i know i'm missing something. Can someone provide me a use case where a SAML Artifact is required (or very useful) compared to not using one? Thank you. Typically, the intent of the artifact binding is to reduce the flow of SAML messages through the browser itself. This could be due to browser restrictions (browsers that have limits on query string / POST payload size) or no support for JavaScript (for

I'd like to implement a Single Sign-on (SSO) authentication layer in my Spring-based application with the aim of supporting authentication and authorization from different security domains. I've chosen Shibboleth as IdP, but I have yet to identify what I will use for the SP. The choices are: Spring Security SAML Extension: component enables both new and existing applications to act as a Service Provider in federations based on SAML 2.0 protocol and enable Web Single Sign-On. Spring Security Extension allows seamless combination of SAML 2.0 and other authentication and federation mechanisms in

I'm trying to login my university's server via python, but I'm entirely unsure of how to go about generating the appropriate HTTP POSTs, creating the keys and certificates, and other parts of the process I may be unfamiliar with that are required to comply with the SAML spec. I can login with my browser just fine, but I'd like to be able to login and access other contents within the server using python. For reference, here is the site I've tried logging in by using mechanize (selecting the form, populating the fields, clicking the submit button control via mechanize.Broswer.submit(), etc.) to

I have a SAML assertion that I wish to authenticate in .Net using WSSecurityTokenSerializer . I've got the key-chain and SAML XML, despite a few issues . First I get the SAML assertion from the HTTPS POST: // spec says "SAMLResponse=" string rawSamlData = Request["SAMLResponse"]; // read the base64 encoded bytes byte[] samlData = Convert.FromBase64String(rawSamlData); // read back into a UTF string string samlAssertion = Encoding.UTF8.GetString(samlData); // get the SAML data in an XML reader var assertionPostStream = new StringReader(samlAssertion); var reader = XmlReader.Create

I am trying to use pure .NET (no external classes, controls, helpers) to create a SAML message. I found some code on the interwebs; this is what I have: private static SamlAssertion createSamlAssertion() { // Here we create some SAML assertion with ID and Issuer name. SamlAssertion assertion = new SamlAssertion(); assertion.AssertionId = "AssertionID"; assertion.Issuer = "ISSUER"; // Create some SAML subject. SamlSubject samlSubject = new SamlSubject(); samlSubject.Name = "My Subject"; // // Create one SAML attribute with few values. SamlAttribute attr = new SamlAttribute(); attr.Namespace =