Questions tagged [saml-2.0]

Security Assertion Markup Language 2.0 (SAML 2.0) is a standard providing means to exchange authentication and authorization data between security domains. It is typically used to achieve cross-domain single sign-on (SSO) and creation of security tokens.

Security Assertion Markup Language (SAML) is an XML-based open standard for exchanging authentication and authorization data between security domains, that is, between an identity provider (a producer of assertions) and a service provider (a consumer of assertions). SAML is a product of the Security Services Technical Committee.

SAML version 2 adds digital signatures and folds back into the SAML standard the enhancements made to the SAML 1.1 specification by other systems (for instance Shibboleth and WS-Federation).

SAML 2.0 is significantly different from SAML 1.1 and is not backwards compatible, although many systems can handle both.

Questions should have this tag when they are specifically related to SAML 2.0; more general SAML questions should have the less specific tag instead.

3007 questions
1 vote, 0 answers

Browser does not react on a Redirect response from AuthorizationFilter

JSF sends a redirect to the web browser. But for some strange reason the browser doesn't react to the redirect. I have been able to identify when this happened, but not why it happened. The system is coded in Primefaces 4.0, Glassfish 3.1.2.2, JSF…
Viggo
1 vote, 1 answer

SSO - Industry practice with SP side SAML response validation

We are implementing an SSO solution with our customers. Due to its complex nature and time sensitivity, we employed a third party security partner firm that can act as SP and redirect the request after authenticating the user. The third party firm is…
Vijay Ram
1 vote, 1 answer

Are there any SAML2 "Active" Profile implementation samples?

Recently, I was going through a video here that talked about a SAML active profile, where the client directly gets a SAML token from an identity provider and then, submits requests to the service provider using that token, instead of the usual…
Aritra
1 vote, 1 answer

How can I get a complete listing of users or groups in ADFS?

How can I get a complete listing of users or groups in ADFS? I know OpenAM has REST APIs to do that, is there something similar in ADFS?
Michael
1 vote, 3 answers

SignedXml.CheckSignature() is true, but SignedXml.CheckSignature(certificate) is false

I'm generating a SAML2 token from ADFS, signed by certificate. Now I'm trying to verify that signature, using the same certificate. X509Certificate2 cert = LoadCert(); XmlDocument token = LoadXmlToken(); //SAML2 token XmlElement signature =…
friggle
1 vote, 1 answer

WSO2 Identity Server SAML SSO endpoint hard codes the AuthnContextClassRef

In WSO2IS v4.6.0, the AuthnContextClassRef value is hardcoded to urn:oasis:names:tc:SAML:2.0:ac:classes:Password. In fact, the SAML SSO endpoint actually authenticates users via HTTPS by default and the AuthnContextClassRef value in this case should…
1 vote, 2 answers

How to query a list of users or a list of groups using SAML AttributeQuery?

I can use OpenAM to query list of users or list of groups by using its REST API: /openam/json/users?_queryID=* /openam/json/groups?_queryID=* Is there an equivalent of the above using just SAML, such as AttributeQuery?
Michael
1 vote, 1 answer

Error invoking IssueToken operation on WSO2 Identity Server Security Token Service

I'm getting a cryptic error message - Wrong element order encountred at Reason Here's a summary of what I am doing: I’ve applied the UsernameToken security policy to the Security Token Service. I've added my app (http://localhost:3000/) as a…
1 vote, 3 answers

Premature end of file when I try to Extract SAMLResponse by Jmeter xpath extractor?

The value I need to extract is something in the following format : xpath
Ushani
1 vote, 1 answer

SSO Adding claims to a social login (SAML WS-Fed)

I'm trying to get my head around SSO concepts and how they fit to my situation, and I've got to the point where I'm a bit stuck. Assuming we use something like Azure AD, or Ping Identity or something along those lines, we want to enable social login…
Rosstified
1 vote, 1 answer

wso2carbon Identity Server SSO redirect to port 9443

I'm using wso2 IS 4.8.0, my problem is that when I use the SAML2 SSO, I'm being redirected to port 9443 on the browser. I want to be redirected to another port: 80 or 443, because there is an apache that proxies everything. Is there a configuration…
Spyna
1 vote, 1 answer

Single Log out not working with Shibboleth IdP

I have been trying to implement a WEB SSO Service provider in java. I am using Shibboleth Identity Provider. Things are working fine till authentication step and I am successfully able to create a session/set cookie for a user. But when I'm trying…
Rohit Pandey
1 vote, 1 answer

How to restrict the XSD of SAML 2.0 Authentication Context

I have been trying to find a solution to my problem in the last 10 days, and I found nothing. So, I am trying to restrict the Authentication Context XML Schema Definition of SAML 2.0. The XSD document is accessible at…
1 vote, 1 answer

SAML based logout

I have authenticated my application through OpenAM based IDP through SAML. Now I want to logout of my application through SAML. So my questions are: I have selected the "spSingleLogoutInit.jsp" implementation, is it the right way of doing? If its…
Phalguni Mukherjee
1 vote, 0 answers

API to check SAML assertion

I am using OpenAm based SAML api, just wanted to know is there a way I can check if SAML assertion is present before doing: map = SPACSUtils.processResponseForFedlet(request, response); So that I can go for this step only if assertion is present…
Phalguni Mukherjee