3

I am going to implement Single Sign On using ADFS and SAML 2.0. I have done a lot of searching on where to start the process. I am provided with the URL of the ADFS service. Do I need to hit that URL with a GET/POST request having a SAML 2.0 Assertion as a request parameter? Actually, I wanted to ask what the exact flow for this will be and what exactly the SAML request will be like. And how will I initiate the request with ADFS?

I am going to develop the SP (Service Provider) in Java using the OpenSAML library.

Muhammad Salman Farooq
  • 1
    Just some more information in addition to nzpcmad's answer: the SAML 2.0 assertion is supposed to be sent to your SP via a Response message. In other words, ADFS will send it to your SP. The AuthnRequest doesn't contain any assertion. – Thuan Apr 02 '15 at 04:29
  • The best option to understand this is to just configure ADFS on Windows, try to integrate ADFS as the IdP, and use an already implemented SAML SP like AWS. Then you can understand how it works. – Elshan Aug 21 '20 at 02:07

1 Answer

1

Shibboleth uses OpenSAML and is open source - take a look at how they implemented this.

There are a number of code examples around e.g. OpenSAML Examples.

To federate with ADFS, follow a similar pattern as e.g. A Quick Walkthrough: Setting up AD FS SAML Federation with a Shibboleth SP or (in far more detail) AD FS 2.0 Step-by-Step Guide: Federation with Shibboleth 2 and the InCommon Federation.

rbrayb
  • 1
    I have my own ADFS setup, therefore I want to avoid Shibboleth. Do you have any pointers for a sample Java program where a SAML request is sent to ADFS and ADFS responds? – Bhushan Karmarkar May 05 '19 at 15:30