Questions tagged [saml]

Security Assertion Markup Language (SAML) is a standard for logging users into applications based on their sessions in another context.

Security Assertion Markup Language (SAML) is an XML-based open standard for exchanging authentication and authorization data between security domains, that is, between an identity provider (a producer of assertions) and a service provider (a consumer of assertions).
SAML is a product of the OASIS Security Services Technical Committee.

Also see SAML2.0

3545 questions
16
votes
1 answer

Google G Suite SAML SSO domain login page

I'm using Google G Suite and created an app which manages user logins with G Suite SAML (see https://support.google.com/a/answer/6087519?hl=en&ref_topic=6304963#). Everything works smoothly, but I have a problem when users are not logged in our G…
16
votes
1 answer

Can I provide the username to use in a SAML request? (AD FS)

When initiating a SAML authentication request (from the Service Provider), is there any way to give the Identity Provider a hint as to which username to use? In my application I know which user it wants to authenticate (based on a unique link the…
joelsand
15
votes
4 answers

Sign SAML Response with or without Assertion Signature?

When signing a SAML Response that also has a signed Assertion, should I: A) Generate the Response signature without the Assertion signature. Then inject the Assertion signature after both signatures have been generated. B) Generate the Assertion…
Panman
15
votes
2 answers

Python library for implementing SAML2 based service provider and identity provider?

I am looking for a Python library which can be used to implement SAML2 based service provider and identity provider. The core library should not depend on any particular web-framework. I am looking for something which is more feature complete and…
baijum
15
votes
3 answers

How does SAML really provide security?

After reading some articles and references, I found that they practically illustrate what SAML is, what components it contains, and how it works. Some good links are as follows: Good documentation about Shibboleth and SAML? What's the difference between…
lzlstyle
14
votes
3 answers

SecurityTokenInvalidAudienceException: IDX10214: Audience validation failed

I'm developing an ASP.NET Core 2 app using Identity and Sustainsys.Saml2 (for SAML auth). I've made the necessary configurations in the Startup.cs file. Now when I run the project and try to login using the SAML2 (as an external login), I get the…
OnlyOneEA
14
votes
2 answers

single sign on (sso) laravel

I have three different Laravel websites. I want to make a user sign in at one website, then he will be automatically logged in to the other two websites, e.g. if you logged in at your stackoverflow then open stackexchange you will be logged in with…
Moauya Meghari
14
votes
3 answers

How should I be implementing the HTTP POST Protocol Binding for SAML WebSSO Profile?

I've implemented my Service Provider and Identity Provider following the SAML Profile for Web SSO using HTTP POST Protocol Binding. However, I am a bit confused as to how the Identity Provider will provide an if the HTTP POST coming…
John
14
votes
2 answers

Google SAML app_not_configured_for_user / equivalent of prompt=select_account SAML

I'm using G Suite as a SAML IdP to authenticate users of my organisation on internal apps. Everything is working fine, except for one point: when one of my users is logged in with his/her personal account only, Google will fail with: 403 Error:…
Nico
14
votes
1 answer

Recipient vs Audience in SAML 2.0

Can somebody explain what the difference is between Recipient and Audience in SAML 2.0? I found only a quite vague explanation from OneLogin…
Victor Ronin
14
votes
1 answer

Symfony dynamic firewall

On a large web application, I want our customers to be able to enable/configure their own single sign-on (SAML) identity provider. Each customer has its own specific subdomain allowing our application to determine which firewall should be…
symfoon
14
votes
4 answers

OpenID Connect will eventually replace SAML as the dominant protocol for SSO?

I have seen in some articles, it is said that OpenID Connect would replace SAML as the dominant protocol for SSO. I am not sure how OpenID Connect would handle the session management capabilities with different service providers and how it could…
Asela
14
votes
6 answers

How to create signed AuthNRequest?

I am interfacing with an IDP and have a basic AuthNRequest created as follows:
gbhakta
13
votes
5 answers

Saml Authentication Request Protocol Id

When doing HTTP Redirect Binding with the SAML 2.0 protocol, I should send to the Identity Provider a structure like this:
Pawel
13
votes
2 answers

SAMLException: InResponseToField of the Response doesn't correspond to sent message

We are working on an application which is protected with Spring Security SAML. Authentication works fine, but there is one problem with the following workflow in the production environment: user requests the unprotected address www.server.com response…
Ogod