saml

Is it possible to send attributes in a SAML authentication request? <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="aaf23196-1773-2113-474a-fe114412ab72" Version="2.0" IssueInstant="2004-12-05T09:21:59Z" AssertionConsumerServiceIndex="0" AttributeConsumingServiceIndex="0"> <saml:Issuer>https://sp.example.com/SAML2</saml:Issuer> <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/> </samlp:AuthnRequest> Technically, yes, it is possible, since AuthnRequest can contain an

We have SAML-based single sign-on (SSO) enabled between our company's Intranet Portal and Box so that the users do not use username and passwords to login to Box.com. They just click on a button on Intranet Portal which posts a SAML assertion to Box.com to authenticate. We would like to provide the ability to our users to search their Box documents directly from the Intranet Portal and the Box.com API looks like a perfect fit. However, it requires OAuth access token. The question is: Is there any way to obtain the OAuth token from SAML assertion? The Box Embed allows embedding of folders view

Where can I dig up a Ruby or Ruby on Rails library for SAML 2.0 SSO. I have a set of enterprise applications that are to be built but need to have federated login from a central authentication system. I have used SAML 1.1 and SAML 2.0 in a Microsoft .Net environment but have yet to see a library that handles both SAML Providers and Consumers for Ruby on Rails. Can someone point me in the right direction or tell me if I need to build the library myself? The best places to look are Ruby Toolbox and Rubygems.org - if it's not there, you may try Github, but your chances are slim now. My rule is:

So my scenario goes like : I have two sites a.com and site b.com and one authentication server cauth.com . what client wants is ... When user lands on a.com or b.com user fills in the login form on respective site , but the action of form will be on cauth.com (cauth.com/authenticate). when user is authenticated on cauth he is loggined on the both sites. I am thinking to implement SAML to achieve the same and flow is like after authentication iDP(cauth.com) will send SAML response to the both the service providers and user will be given access to both the sites . I am novice in SAML and unable

I am trying to implement a SSO that is provided by another website. The instructions ask me to enter "issuer" info. Which turns out is equivalent to the EntityID URL in the EntityDescriptor. I am assuming I need to set that URL to some url on my server, but what I cant seem to figure out, is what that URL actually does. I assume a file needs to be placed at that URL with some information, but I can not seem to work out what that info is. So what info is required at the EntityID URL in order for this to work? Anders Abel The requirement is that the EntityId is a URI (not URL, in this case the

We have a website running on Caucho Resin. The great majority of the site is JSP/Java. We have our own custom authentication on the site, meaning we aren't using any third party authentication frameworks. We host the website, not our clients. Our large clients want to have their users log into our site with their active directory credentials. For this I'm assuming I will be talking to ADFS with SAML, please correct me if that is wrong. So my question is how do I go about doing that with Java? from what I can tell there is OpenSAML which sounds like it doesn't do everything, and if I want more