问题
i don't know implement SAML2 protocol for my custom SP service, and i've some difficults...
I have tried this;
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://www.mydomain.ext/#/secure">
<SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://www.mydomain.ext/#/" isDefault="true"/>
<KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>
{my_x509_certificate_generated}
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</NameIDFormat>
</SPSSODescriptor>
</EntityDescriptor>
I need make it for send xml file to the IDP. What miss for make a valid SP xml file?, Thank's
回答1:
The XML you attached is an SP metadata which describes the SP properties - ID, certificate, binding support, etc... I suggest you get more familiar with SAML before getting into actual coding or configuration.
Here are some good resources:
https://github.com/jch/saml
https://en.wikipedia.org/wiki/Security_Assertion_Markup_Language
https://en.wikipedia.org/wiki/SAML_2.0
In case you'r implementing your SP with JAVA, here are some good libraries you can use: OneLogin's SAML Java Toolkit - https://github.com/onelogin/java-saml
Okta SignIn widget - https://github.com/okta/okta-signin-widget
LastPass SAML SDK for Java - https://github.com/lastpass/saml-sdk-java
Dead Simple SAML 2.0 Client - https://github.com/coveo/saml-client
pac4j - http://www.pac4j.org/docs/clients/saml.html
来源:https://stackoverflow.com/questions/46099042/how-i-can-generate-a-valid-sp-xml-file-for-saml2