saml

SAML SP complaining “Invalid digital signature”

久未见 submitted on 2019-12-11 19:56:18
Question: We are trying to set up a custom SAML integration with the Cisco WebEx. However WebEx SP keeps complaining about the "Invalid digital signature" after the SAML Response is sent to WebEx. We have already inspected the SAML Response, Signing Cert, and the Fiddler trace of the SAML transaction. Nothing seems out of the ordinary. We have done this for several other services and have not run into any issues. Is there a good tool that can help us debug as to why WebEx is thinking the Digital Signature

Sending a SAML assertion from IDP to SP

戏子无情 submitted on 2019-12-11 17:45:33
Question: When the user is viewing the SP and he clicks the "Login" button, a popup pointing to the IDP's login form is opened. After the user provides their username/password and submits the login form within the popup, assuming the credentials are valid, how can I get the SAML assertion generated by the IDP back to the SP? Can I use window.postMessage? Answer 1: The response (including the SAML assertion) of the IDP will be sent to the Assertion Consumer Service URL of your SP. At this point you can do

How can I generate metadata file of my Java Spring Application to establish a connection with Identity Provider like Ping Federate?

雨燕双飞 submitted on 2019-12-11 17:42:45
Question: I have been working with Single Sign On (SSO) for some time. I am using Ping Federate as an Identity Provider (IdP) and a sample Java spring-boot application as the Service Provider (SP). The protocol used is SAML. I have downloaded the spring application from https://start.spring.io with "Web" and "Security" dependencies and looking forward to establishing a connection. It is required to upload the metadata file of the spring app which is the Service Provider in this case at Ping Federate while doing

Keytool - Generate Public key in X.509 format using existing private key

眉间皱痕 submitted on 2019-12-11 16:30:55
Question: I am trying to generate a private/public key pair in X.509 format along with a self signed cert which I need to use for my SAML application. Here is what I have done: Generate Self Signed Cert and Private Key from here and save them in .pem format. Use the private key and generate a public key with the command openssl rsa -in key.pem -pubout -out pubkey.pem When I give these keys to my SAML application, it errors out on the public key generated on step 2 with the following message: java.io

Multi-value attribute in OpenAM IdP

帅比萌擦擦* submitted on 2019-12-11 15:47:42
Question: To replicate the potential production scenario of an IdP initiated SAML request, I'm trying to set up a local (docker-based) version of OpenAM to serve as an IdP for an application (an SP) that I am developing. The application is written in Django and is reliant on its ability to resolve groups associated with the user whose identity is being asserted in the SAML response from this IdP. Specifically, I'd like to receive the names of groups for each user in SAML response in the following

OKTA(IdP) - Shibboleth(SP) with reverse proxy to Tomcat

℡╲_俬逩灬. submitted on 2019-12-11 15:46:10
Question: I am spinning a big wheel now. Please shed some light. Reverse proxy is working with Apache. So, when I access https://hostname/app/default.html, it opens Tomcat app url. No issue. The tomcat app currently redirects to https://hostname/app/login.html which has a login box. 1) Do I need to disable UserDatabase on Tomcat server.xml ? <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org

How to make openid call from saml request

不羁的心 submitted on 2019-12-11 14:50:07
Question: Implementing SSO in my application and from app-1 I need to make a rest call to app-2. Login in app-1 with SAML and authenticated successfully and trying for rest call from app-1 with openid but since authentication is using saml only so not able to get the access/bearer token. Please help how to get the access/bearer token from saml request/response. I'm using Keycloak Server for SSO implementation. Answer 1: You can't. REST API need a JWT token not a SAML one. Change SAML to OpenID Connect and

SP implementation using Spring SAML extension with Google App Engine in Java

為{幸葍}努か submitted on 2019-12-11 13:38:21
Question: I try to make a SP hosted on Google app engine, with a third party IdP, and I'm facing multiple problems. I'm using Spring SAML extension for Java. I was able to run the stand alone (not in GAE) demo app, from the official guide http://docs.spring.io/spring-security-saml/docs/1.0.x/reference/html/chapter-quick-start.html using as IdP idp.ssocircle.com. Now my problem comes when I tried to integrate this code in my GAE project. When running with GAE I can get to the phase where I'm redirected

unable to read values from Request.Params in c#

一笑奈何 submitted on 2019-12-11 11:59:55
Question: I have following piece of code which is troubling me to read the value from Request.Params . Right now I just want to read values (in receiver) that I'm passing from sender i.e. username and SAMLResponse. Sender protected void Button1_Click(object sender, EventArgs e) { HttpWebRequest httpWReq = (HttpWebRequest)WebRequest.Create("MY URL"); httpWReq.Method = "Post"; XElement obj = XElement.Load(@"Load.xml"); StringBuilder postData = new StringBuilder(); postData = postData.Append("username

micro services authentication using SAML and Identity Provider

偶尔善良 submitted on 2019-12-11 11:44:14
Question: We are working on the development of micro services for our domain. We have a requirement to secure the micro services using SAML. I read through the SAML docs and see that there would be an Identity provider to which we have to register our application (SP) and also we should connect to IdP for authentication. I understand that we need to establish a circle of trust or federation between them. I tried using the Spring Security SAML extension and SSOCircle.com as IdP for authentication using the