Stack Overflow
Stack Overflow

Questions tagged [saml]

Security Assertion Markup Language (SAML) is a standard for logging users into applications based on their sessions in another context.

Security Assertion Markup Language (SAML) is an XML-based open standard for exchanging authentication and authorization data between security domains, that is, between an identity provider (a producer of assertions) and a service provider (a consumer of assertions).
SAML is a product of the OASIS Security Services Technical Committee.

Also see SAML2.0

3545 questions
22
votes
2 answers

SAML 2.0: How to configure Assertion Consumer Service URL

I am implementing a SAML 2.0 Service Provider which uses Okta as the Identity Provider. I would like to configure the Assertion Consumer Service (ACS) URL so that the SAML 2.0 from my Service Provider app is reflected back in the assertion. However,…
Venkat Rangan
  • 385
  • 1
  • 2
  • 7
22
votes
2 answers

REST API authentication with SAML

I'm struggling to design a SAML2.0 authentication for a REST API using a gateway. REST is used between my backend and my application. I'm using Java Servlet filter and Spring. I see two possibilities: Adding the SAML tokens into the header each…
Nereis
  • 486
  • 1
  • 4
  • 21
21
votes
6 answers

Web SSO using Java and SAML 2.0

I'd like to write a web application which does the authentication using SAML 2.0 tokens, issued by an identity provider. I understand, according to this question, that there is a viable solution in the PHP world using simpleSAMLphp. Is there an…
spa
  • 5,059
  • 1
  • 35
  • 59
20
votes
2 answers

How to get group membership or roles from a Google Apps SAML2 Identity Provider

I did setup my Google Apps for Work Unlimited account to act as SAML2 Identity Provider and register my web application as Service Provider (as explained in the links below). It works great, I can login into my app after login into google with a…
pabloelustondo
  • 2,196
  • 3
  • 19
  • 23
20
votes
2 answers

LDAP vs SAML Authorization

I'm currently investigating moving an asset tracking system from LDAP to SAML. There are two main areas where our software currently uses LDAP. The first is authentication. In order to access the system today you need to successfully authenticate…
Staros
  • 3,232
  • 6
  • 30
  • 41
20
votes
2 answers

Verify digital signature in SAML response against certificate in PHP

I am a newbie to SSL certificate thing. so a little cautious about what I've done so far. I am creating an application that uses SSO to authenticate the users using PHP 5.4. What I have: a certificate (.pfx) provided by the party. encrypted SAML…
MJ Khan
  • 1,696
  • 3
  • 21
  • 36
19
votes
2 answers

Sample .NET code for a SAML Identity Provider

I'd like to use SAML to allow authenticated users of a website to login to other federated sites. In single sign-on parlance, that means my site needs to become an Identity Provider. Can anyone point me to sample .NET code or documentation for…
sheikhjabootie
  • 7,308
  • 2
  • 35
  • 41
19
votes
3 answers

What do I need to know about XML Signatures to get SAML working?

At work we have a web app that we'll need to interface with another company's web app using Single Sign On validated by SAML. Our web apps are written in PHP, and it's obviously irrelevant what language choice the other company is using.…
soapergem
  • 9,263
  • 18
  • 96
  • 152
18
votes
4 answers

Google SAML SSO - 403 app_not_configured_for_user error when signed into personal Google account

I'm working on a SAML SSO integration for our app using Google / G Suite. Our customers configure our SAML app in their company's G Suite admin settings. The integration works correctly in most cases: Suppose you're not signed into a Google account…
Sohan Jain
  • 2,318
  • 1
  • 16
  • 17
18
votes
2 answers

What is the relation between CAS vs SAML?

I understand that CAS and SAML are different protocols used for Single-sign on purposes but, what confuses me is articles that say "CAS has an SAML implementation". Aren't CAS and SAML different ways of how Single Sign-on can be implemented ? Lets…
yathirigan
  • 5,619
  • 22
  • 66
  • 104
18
votes
3 answers

How to crawl a website that has SAML authentication using ManifoldCF or nutch?

I am trying to crawl a website, more specifically a Google Site using ManifoldCF that has SAML authentication and index the crawled data into Apache Solr. But as I crawl the URL, it gives me 302 redirection to login page and then says…
Saurabh Chaturvedi
  • 2,028
  • 2
  • 18
  • 39
18
votes
1 answer

understanding Shibboleth and SAML

I have a Drupal site I am standing up for a client. I've been asked to use Single Sign on using SAML2 (where I would be the service provider and my client would be the identity provider). The best thing I have found so far has been…
Hortitude
  • 13,638
  • 16
  • 58
  • 72
17
votes
1 answer

How to logout from Saml2aws cli session or do force login

I have installed saml2aws & awscli, to connect with one of the OKTA system. I have made few changes in the config and want to reload new, but struggling with how to logout from session
Error Hunter
  • 1,354
  • 3
  • 13
  • 35
17
votes
1 answer

SAML 2.0 Service Provider in Python

I am looking to implement a SAML 2.0 based service provider in Python. My web apps are currently all Flask applications. I plan to make a Flask blueprint/decorator that allows me to drop single sign-on capabilities into preexisting applications. I…
steve
  • 2,488
  • 5
  • 26
  • 39
17
votes
3 answers

Recipient endpoint doesn't match with SAML response

Usually my Spring SAML-based Service Provider (SP) implementation works fine, but sometimes it returns this error: [2014-07-17 16:00:58.767] boot - 1078 DEBUG [http-bio-80-exec-1] --- BaseMessageDecoder: Successfully decoded message. [2014-07-17…
vdenotaris
  • 13,297
  • 26
  • 81
  • 132
1 2
3
99 100