Stack Overflow
Stack Overflow

Questions tagged [saml]

Security Assertion Markup Language (SAML) is a standard for logging users into applications based on their sessions in another context.

Security Assertion Markup Language (SAML) is an XML-based open standard for exchanging authentication and authorization data between security domains, that is, between an identity provider (a producer of assertions) and a service provider (a consumer of assertions).
SAML is a product of the OASIS Security Services Technical Committee.

Also see SAML2.0

3545 questions
1
vote
1 answer

saml & oauth -- existing idp

I am going in circles while determining a best, "lightweight" route in having both saml and Oauth server capabilities Requirements Have a heavy weight saml idp perfectly running and integrated into apps (shib) Users need to use a unique combo of…
tech_geek
  • 147
  • 2
  • 11
1
vote
0 answers

SP initiated SAML logout response success, Idp does not log user out

I have created a SAML library in my app that creates an authentication request and is successfully logged in, but when it sends a LogoutRequest, the response shows: "samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" This should…
Adam Richardson
  • 11
  • 1
1
vote
2 answers

Why is kerberos commonly used with Openam?

For a school project we must bind Wildfly with Kerberos and OpenAM over the SAML connection together. I was searching on the internet and had read that kerberos and openAM are commonly used together. I don't understand why. kerberos and openAM are…
jurh
  • 420
  • 1
  • 4
  • 17
1
vote
1 answer

Validate Java SAML Response in C#

I was looking at the various posts around Validating SAML Response generated by Java in C#. I have been trying all the suggestions and am still getting a False from the SignedXml.CheckSignature and am totally out of ideas now on what could be wrong…
user495261
  • 11
  • 3
1
vote
0 answers

How to use issuedtokenmixedasymmetricbasic256sha256 endpoint of ADFS?

I've got 2 Relying Party Trusts (App1, App2) configured in ADFS, after the user's authentication following the SAML Web flow, finally App1 got a SAML Token: SamlToken1. The current situation is, the user's browser cannot visit App2 due to a…
Liu Xingnan
  • 51
  • 6
1
vote
0 answers

Create Custom Attributes for SAML in Azure

I have a custom application for which I am setting up single sign on using Azure Active Directory. I created application in Azure and configured single sign on. I used Azure metadata in my application and could login successfully using single sign…
Maz
  • 653
  • 12
  • 22
1
vote
1 answer

How to use Certificate fingerprint instead of Certificate in .NET toolkit

I am using the OneLogin .NET toolkit for ADFS authentication. In the AccountSettings.cs page it's asking for certificate but my client has only provided fingerprint of the certificate. How can I use the certificate fingerprint in the code?
Varun Surana
  • 47
  • 4
1
vote
0 answers

Pass Variables from Apache to JBoss?

I've been requested to get an old JBoss application working with Shibboleth. The server already has Shibboleth set up. When you attempt to access the JBoss application, you're taken to a Shibboleth login screen (if you haven't already logged in with…
ArtOfWarfare
  • 20,617
  • 19
  • 137
  • 193
1
vote
1 answer

About signed saml request and response attached key

I am wondering why the saml signed request and response XML attached key. I saw the signature comes with a certificate? Shouldn't the certificate already be negotiated ahead of time between SP and IDP? I am just wondering if the attacker can sign…
Shaozhen Ding
  • 187
  • 1
  • 11
1
vote
0 answers

How to decode saml 1.0 response (no xml) with php

I'm new to SSO and never worked with SAML, so that's why I'm asking this question here. When I try to log in into the SSO system, they are forwarded to my website with the following values in the $_POST Note that I sometimes added 3 dots to reduce…
jens_vdp
  • 594
  • 1
  • 4
  • 18
1
vote
0 answers

How to get SAML Response from SAML Request?

I'm trying to log into a system which has SAML authentication set up. I'm using cURL in PHP to redirect to the authentication page, sign in the form, and return back to homepage. So far, I am able to login successfully to the form but redirecting…
BaBazinga
  • 159
  • 1
  • 13
1
vote
2 answers

SAML: Communication between Service Providers?

I've been tasked with writing a SP (Service Provider) for SAML v2.0 in ASP.NET, and I wonder the following; If a user logs in on the main SP for a service (where my SP becomes accessible for a user as an anchor/link, unless previously bookmarked),…
Zolomon
  • 9,359
  • 10
  • 36
  • 49
1
vote
1 answer

How can I add my Tomcat Application in onelogin for SAML?

I am having a Web Application running on tomcat and hosted on amazon, I want to add it as an SAML Service Provider which allows single sign on(SSO) in onelogin(https://www.onelogin.com/) I have a free trial account in one login, and In Add App…
Jerry
  • 987
  • 4
  • 16
  • 46
1
vote
0 answers

Is it posible to add URLs to be authenticated using SAML (via Spring Security) at runtime?

We're currently attempting to add SAML integration to our project and one of the requirements is that an administrator can use the system to add authentication to a part of the website. For instance, if the app was hosted at "foo.com" then they…
matt_sunrise
  • 11
  • 2
1
vote
1 answer

Notes authentication without nab entry

Currently we are evaluating a SAML solution as a corporate user authentication system. The goal is to have only SAML as the main system without any redundancy of user data throughout different platforms. Even if SAML authenticates the user how can…
user2316219
  • 304
  • 1
  • 11
1 2 3
99 100