Questions tagged [saml-2.0]

Security Assertion Markup Language 2.0 (SAML 2.0) is a standard providing means to exchange authentication and authorization data between security domains. It is typically used to achieve cross-domain single sign-on (SSO) and creation of security tokens.

Security Assertion Markup Language (SAML) is an XML-based open standard for exchanging authentication and authorization data between security domains, that is, between an identity provider (a producer of assertions) and a service provider (a consumer of assertions). SAML is a product of the Security Services Technical Committee.

SAML version 2 adds digital signatures and folds back into the SAML standard the enhancements made to the SAML 1.1 specification by other systems (for instance Shibboleth and WS-Federation).

SAML 2.0 is significantly different from SAML 1.1 and is not backwards compatible, although many systems can handle both.

Questions should have this tag when they are specifically related to SAML 2.0; more general SAML questions should have the less specific tag instead.

3007 questions
23 votes, 1 answer

Single Sign-On in Spring by using SAML Extension and Shibboleth

I'd like to implement a Single Sign-on (SSO) authentication layer in my Spring-based application with the aim of supporting authentication and authorization from different security domains. I've chosen Shibboleth as IdP, but I have yet to identify…
vdenotaris
23 votes, 2 answers

How do I correctly prepare an 'HTTP Redirect Binding' SAML Request using C#

I need to create an SP initiated SAML 2.0 Authentication transaction using HTTP Redirect Binding method. It turns out this is quite easy. Just get the IdP URI and concatenate a single query-string param SAMLRequest. The param is an encoded block of…
biofractal
22 votes, 2 answers

IDP initiated SAML login error - Authentication statement is too old to be used with value

We are using ADFS as an IDP and our application acts as SP. Below is a sample Auth response
rakpan
22 votes, 2 answers

REST API authentication with SAML

I'm struggling to design a SAML2.0 authentication for a REST API using a gateway. REST is used between my backend and my application. I'm using Java Servlet filter and Spring. I see two possibilities: Adding the SAML tokens into the header each…
Nereis
20 votes, 4 answers

How should I implement SAMLP 2.0 in an ASP.NET MVC 4 service provider?

I'm developing an MVC 4 web application in C# and want to handle login using an existing SAML 2.0 identity provider. I am using HTTP POST binding with SimpleSAMLphp. It seems like, in .NET 4.5, I should be using Windows Identity Foundation. First, I…
sjy
19 votes, 4 answers

AWS VPN using federated login with Google IdP - app_not_configured_for_user

I'm trying to set up a VPN connection using a federated login with Google IdP following these instructions. Previously, I had configured a saml-provider with Google and it worked fine to authenticate users to the AWS console through Google using ARN…
Cyril Duchon-Doris
19 votes, 1 answer

How to configure service provider with spring-security-saml2 to consume EncryptedAssertions?

I am using this excellent repo vdenotaris/spring-boot-security-saml-sample as a guide and I am trying to set it up to verify and decrypt incoming SAML messages that contain EncryptedAssertion. The idP's metadata defines the signing and encrypting…
george_h
19 votes, 3 answers

Spring Boot and SAML 2.0

Is there a way to integrate SAML 2.0 in a Spring Boot-based application? I'd like to implement my own SP and communicate with a remote IdP.
vdenotaris
18 votes, 3 answers

Django and Shibboleth

I'm investigating the options for using Shibboleth in a Django deployment. From what I've found, things look somewhat sparse. Can anyone comment on the following? Is anyone using the django_shibboleth module (see…
user1007116
18 votes, 4 answers

Google SAML SSO - 403 app_not_configured_for_user error when signed into personal Google account

I'm working on a SAML SSO integration for our app using Google / G Suite. Our customers configure our SAML app in their company's G Suite admin settings. The integration works correctly in most cases: Suppose you're not signed into a Google account…
Sohan Jain
18 votes, 1 answer

Identity server 4 with SAML 2.0 as external identity provider for SSO

I am using identity server 4 for authentication to my ASP.Net Core solution. And it is working well with Facebook, Google and other external identity providers. And now I am trying to add SAML 2.0 authentication to the identity server using…
18 votes, 2 answers

What is the relation between CAS vs SAML?

I understand that CAS and SAML are different protocols used for Single-sign on purposes but, what confuses me is articles that say "CAS has an SAML implementation". Aren't CAS and SAML different ways of how Single Sign-on can be implemented? Lets…
yathirigan
18 votes, 4 answers

Signature trust establishment failed for SAML metadata entry

In order to fetch metadata from a remote source, I defined an ExtendedMetadataDelegate bean as follows: @Bean @Qualifier("replyMeta") public ExtendedMetadataDelegate replyMetadataProvider() throws MetadataProviderException { String metadataURL =…
vdenotaris
17 votes, 2 answers

SSO with Laravel Passport

I'm thinking to develop a full-fledged Identity System in Laravel 5 with Passport. Following is my requirement: I should have main identity management app like identity.mysite.com where all of my users are stored. I have 2 other applications APP1,…
Sahil Purav
17 votes, 2 answers

Can SAML do Authorization?

I know that SAML can be used for user Authentication, but what about the permission levels a user has? Can it also be used for Authorization as well? If not, what are the best alternatives for Open Source Authorization software?
nerdy_chai