saml-2.0

Kentor AuthService - Read Subject NameID

旧时模样 submitted on 2020-01-24 19:40:13
Question: How can I access saml2:NameID from saml2:Subject response XML node by using Kentor AuthService? I couldn't find in code anything that deals with that part of XML. Maybe I'm missing something. I'm not asking about Kentor IdP, I see that there NameID is sent as additional claim, which is translated as attribute, I'm asking in general, IdP does not have to be powered by Kentor, so I can't rely that I will have this value passed as attribute. So, if it's handled I couldn't find it here: https:

How can I configure ADFS on my windows server machine system?

安稳与你 submitted on 2020-01-17 05:37:51
Question: I want to configure ADFS to create single signon service and use the same for another web application. I am very new to this. Please suggest me how to do it or at least where to start. Thanks in advance for your time. Answer 1: You can only install on Windows Server. If you want ADFS 2.0 you need Server 2008 R2. Install The latest (ADFS 3.0) is on Server 2012 r2. Update Is the application Java or .NET? You need a SAML client side stack - refer SAML : SAML connectivity / toolkit. You then take the

Do we need Keystore/JKSKeyManager in IDP initiated SSO (SAML)?

坚强是说给别人听的谎言 submitted on 2020-01-14 22:34:21
Question: I've successfully implemented SSO authentication using Spring-SAML extension. Primary requirement for us to support IDP-initiated SSO to our application. Well, by using the configurations from spring-security-saml2-sample even SP-initiated SSO flow also works for us. Question: Is keystore used in IDP-initiated SSO (if metadata has certificate)? If not used, I would like to get rid of keystore configurations from securityContext.xml. Note: SP-initiated SSO and Global logout is not needed

SAML Http Request Intercept with Spring Boot

若如初见. submitted on 2020-01-11 04:59:27
Question: In reference to this SO question Add request parameter to SAML request using Spring Security SAML I am wanting to replace the default HTTPRedirectDeflateBinding bean with my own that has a custom HTTPRedirectDeflateEncoder to add query params to my SAML request. I'm trying to achieve this with the Spring Boot @Bean auto-configuration annotation and being new to the Java environment I can't seem to get it working right. I can see that my bean is registering on startup but the outbound HTTP

Signature trust establishment failed for SAML metadata entry

十年热恋 submitted on 2020-01-10 10:09:05
Question: In order to fetch metadata from a remote source, I defined an ExtendedMetadataDelegate bean as follows: @Bean @Qualifier("replyMeta") public ExtendedMetadataDelegate replyMetadataProvider() throws MetadataProviderException { String metadataURL = "https://ststest.mydomain.it/FederationMetadata/2007-06/FederationMetadata.xml"; final Timer backgroundTaskTimer = new Timer(true); HTTPMetadataProvider provider = new HTTPMetadataProvider( backgroundTaskTimer, httpClient(), metadataURL); provider

How do I embed a signature within an AuthNRequest for SAML 2.0 SSO in php

浪子不回头ぞ submitted on 2020-01-07 03:24:10
Question: My IDP requires an AuthNRequest with an embedded, signed and encrypted, where the request url looks like this: http://idp.example.com/SSOService.php?SAMLRequest={val1} AuthNRequest with embedded signature (HTTP-POST binding) <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx41d8ef22-e612-8c50-9960-1b16f15741b3" Version="2.0" ProviderName="SP test" IssueInstant="2014-07-16T23:52:45Z" Destination="http://idp.example

wso2is custom authenticationendpoint, redirect page not used

风流意气都作罢 submitted on 2020-01-06 10:56:39
Question: I am developing saml sso using wso2is. I customized the authentication endpoint according to the blog post below 1. Basically I just deployed a war on my server and configured application-authenticators.xml to use it: <Authenticators> <Authenticator name="BasicAuthenticator" disabled="false" factor="1"> <!-- <Status value="10" loginPage="/authenticationendpoint/login.do" /> --> <Status value="10" loginPage="https://servlet.example.com/customlogin/login.do" /> </Authenticator> </Authenticators>

Spring Security SAML with PingIdentity/ PingFederation

微笑、不失礼 submitted on 2020-01-06 04:46:05
Question: Spring Security SAML Sample App is not working for me when I integrate it with PingIdentity. After getting the redirect to idp, logging in on Ping ok, getting a good saml assertion, get redirect back to Spring Security Sample SAML app, I get an endless loop with an access denied error in the spring-security stack. And an org.sourceid error in Ping. Error in Ping log is (right before creating a good SAML Assertion): org.sourceid.saml20.profiles.StatusResponseException: Unknown

Node.js passport-saml redirects to localhost:3000/login/callback all the time

痴心易碎 submitted on 2020-01-05 20:23:09
Question: I am using the tutorial from www.npmjs.org/package/passport-saml for the SAML. I am a beginner in SAML. The tutorial says The SAML identity provider will redirect you to the URL provided by the path configuration I already have an OpenIdp account. It seems I can successfully login but the redirect URL always sends me to localhost:3000/login/callback which is not present in my code because I changed the 'path' to '/users/login-user-db-saml' or 'www.passporttoken.com:1234/users/login-user-db

Node.js passport-saml redirects to localhost:3000/login/callback all the time

孤街醉人 submitted on 2020-01-05 20:20:41
Question: I am using the tutorial from www.npmjs.org/package/passport-saml for the SAML. I am a beginner in SAML. The tutorial says The SAML identity provider will redirect you to the URL provided by the path configuration I already have an OpenIdp account. It seems I can successfully login but the redirect URL always sends me to localhost:3000/login/callback which is not present in my code because I changed the 'path' to '/users/login-user-db-saml' or 'www.passporttoken.com:1234/users/login-user-db