We have implemented SAML SSO in our existing application in Spring. Our IDP (identity provider) has categorised the login/signup window on the basis of a parameter that will be passed by us (service provider). The actual scenario is something like this: they have multiple clients for our application (client 1, client 2, etc.) and they have customised their end using these client ids (different for different clients). Now the problem is that SP-initiated SSO is not working fine because our URLs are too generic: they don't have the client id as a parameter, so if and when the IDP decides to show the login window, they are not able to decide which one to prompt (since we did not provide the client id in the URL). We want to add the client id in each URL dynamically without drastic change in our application. Could you suggest possible ways to do that?

Ajit Kumar
  • See this for `Extensions` element: http://stackoverflow.com/questions/29254589 – Ritesh Apr 01 '16 at 20:08
  • We did implement the code you mentioned above. We are able to see the added parameter in the final URL sent to the IDP. But we want to print the final authnRequest object sent to the IDP. Could you please suggest a way to do this? Thanks in advance – Ajit Kumar Apr 04 '16 at 04:25
  • If you have extended the `WebSSOProfileImpl` to add extensions then you can very well print the `AuthnRequest` in the same `getAuthnRequest` method. That's the final authnRequest object sent to IDP. – Ritesh Apr 04 '16 at 05:02
  • I looked into the code from the link mentioned above. In the `buildextension()` method, could you explain what this line of code does: `XSAny languageClass = new XSAnyBuilder().buildObject("http://www.v7security.com/schema/2015/04/request", "RequestLanguage", "req");` – Ajit Kumar Apr 04 '16 at 06:17
  • It adds the extensions element to the request as `urn:v7security:request:lang:english` – Ritesh Apr 04 '16 at 21:04
  • Thanks for your reply. Could you suggest ways to send multiple attributes in the authentication request to the IDP using the extension `md:Extensions`? We are able to send one attribute, but the XML is failing when we try to send multiple attributes. – Ajit Kumar Apr 05 '16 at 08:10
  • Instead of setting text content, you could add any arbitrary XML structure you like in extensions via the `setDOM()` method. Also, if you have key-value pairs, then one option is to set them as attributes like `languageClass.getUnknownAttributes().put(new QName("key1"), "value1");` – Ritesh Apr 05 '16 at 18:48

0 Answers
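
The approach discussed in the comments, sketched as an added example that is not part of the original thread or of the linked answer: a `WebSSOProfileImpl` subclass (Spring Security SAML with OpenSAML 2) that attaches several values to the `AuthnRequest` extensions, each as its own child element, plus one key-value pair as an attribute. The class name, the `urn:example:sp:request-ext` namespace, the `ClientId` element, the `source` attribute and the `resolveClientId` hook are assumptions made for illustration.

```java
import javax.xml.namespace.QName;
import org.opensaml.common.SAMLException;
import org.opensaml.saml2.common.Extensions;
import org.opensaml.saml2.common.impl.ExtensionsBuilder;
import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.metadata.AssertionConsumerService;
import org.opensaml.saml2.metadata.SingleSignOnService;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.xml.schema.XSAny;
import org.opensaml.xml.schema.impl.XSAnyBuilder;
import org.springframework.security.saml.context.SAMLMessageContext;
import org.springframework.security.saml.websso.WebSSOProfileImpl;
import org.springframework.security.saml.websso.WebSSOProfileOptions;

public class ClientAwareWebSSOProfile extends WebSSOProfileImpl {
    // Constructed placeholder namespace; use the one agreed with the IdP.
    private static final String EXT_NS = "urn:example:sp:request-ext";

    @Override
    protected AuthnRequest getAuthnRequest(SAMLMessageContext context, WebSSOProfileOptions options,
            AssertionConsumerService acs, SingleSignOnService sso)
            throws SAMLException, MetadataProviderException {
        AuthnRequest request = super.getAuthnRequest(context, options, acs, sso);
        request.setExtensions(buildExtensions(resolveClientId(context)));
        return request;
    }

    // One child element per value keeps the Extensions element well-formed.
    protected Extensions buildExtensions(String clientId) {
        Extensions ext = new ExtensionsBuilder()
                .buildObject("urn:oasis:names:tc:SAML:2.0:protocol", "Extensions", "saml2p");
        XSAnyBuilder any = new XSAnyBuilder();
        XSAny client = any.buildObject(EXT_NS, "ClientId", "req");
        client.setTextContent(clientId);
        // Key-value pair carried as an XML attribute (constructed sample value).
        client.getUnknownAttributes().put(new QName("source"), "sp");
        XSAny lang = any.buildObject(EXT_NS, "RequestLanguage", "req");
        lang.setTextContent("urn:v7security:request:lang:english");
        ext.getUnknownXMLObjects().add(client);
        ext.getUnknownXMLObjects().add(lang);
        return ext;
    }

    // Hypothetical hook: replace with a per-request lookup of the client id.
    protected String resolveClientId(SAMLMessageContext context) {
        return "client-1"; // constructed placeholder
    }
}
```

Register the subclass in place of the `WebSSOProfileImpl` bean in the Spring SAML configuration.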