Questions tagged [saml-2.0]

Security Assertion Markup Language 2.0 (SAML 2.0) is a standard providing means to exchange authentication and authorization data between security domains. It is typically used to achieve cross-domain single sign-on (SSO) and creation of security tokens.

0
votes
0answers
9 views

Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN'.. Spring-boot

I am trying to implement SAML authentication with Okta following the tutorial Spring Boot, SAML, and OKTA. After authentication I need to be redirected to the index.html but it is taking me to ...
0
votes
0answers
19 views

Single logout not working in asp.net core SAML 2

What nuget packages are you using: Sustainsys.Saml2.AspNetCore2 packages are being used to consume SAML from ADFS 4.0. What is the expected behaviour: When I initiate single logout by calling "Saml2/...
0
votes
0answers
4 views

Create React app for our SAML based IdP in AWS Cognito

We would like to use AWS Cognito for authentication and authorisation. But we can't transfer our user data to AWS Cognito User Pool, instead we need to authenticate users through our own SAML based ...
0
votes
1answer
17 views

Trying to create Login to Headless Wordpress through React Web App

I'm kind of new to React. I am currently trying to build a Web App for my Organization's magazines, but the first hurdle we need to jump over is the login verification. Since all of our subscribers ...
0
votes
1answer
10 views

LDAP configuration to whitesource which uses YAML. How do I approach this to use LDAP configuration?

I am trying to migrate our company's Active Directory using LDAP to whitesource, however it does not officially support LDAP. I am trying to see if there is a way to install SAML on my LDAP which ...
0
votes
0answers
16 views

Single Logout error with Salesforce configured as a SAML Service Provider

I'm setting up single logout functionality between SAML Identity Provider and multiple Service Providers. All service providers are accepting SLO requests and log out successfully, except application ...
0
votes
1answer
21 views

Do identity providers ignore the SAML specification, or is it not required that logout requests and responses be signed?

The SAML specification says the following: "The message MUST be signed if the HTTP POST or Redirect binding is used." and the same for LogoutResponse. But when I look for settings in different identity providers(...
1
vote
1answer
21 views

In spring security saml, Unable to GET /saml/login

I'm working with spring security SAML, following the example of SAML authentication found here. I'm implementing the contents of the file WebSecurityConfig.java, in my project. I've copied that file ...
0
votes
1answer
27 views

Consume a private API using Azure AD and SAML 2.0

I have a client API app that consumes a private API from a web application, I use Bearer authorization to authenticate. I get the Bearer using the following call: grant_type=password&username={...
-1
votes
1answer
19 views

Is OAuth preferred for mobile devices?

I have been trying to understand when to use OAuth vs SAML. Several sites, including this one -- https://dzone.com/articles/saml-versus-oauth-which-one, say when a mobile device is involved, OAuth 2 ...
0
votes
1answer
21 views

SAML on Android

I'm trying to implement SSO in my Android application. I already have an Identity Provider (Duo Access Gateway), which is currently being used in my company. I'm unable to find any guides or ...
0
votes
0answers
7 views

Can I send a SLO Url Index with logout Request

I'm using SAML 2.0. If my app is running in development, I want the IDP to redirect the LogoutResponse to my DEV SLO URL and if my app is running in production, I want the IDP to redirect the ...
0
votes
0answers
20 views

Why AzureAD expects estsrequest parameter in relay state for SAML IDP initiated workflow

We have created a new SAML connector using a generic template in Symantec VIP access manager. We have configured Azure AD as relying party(Service Provider) in this SAML connector with IdP-initiated ...
0
votes
1answer
28 views

Invalid SAML AuthN Request

By trying to set up an SSO connection (SP initiated) between my SP and an IDP using ADFS, I am not able to get an answer from the IDP. The problem is that this IDP is a black box and I do not have the ...
0
votes
0answers
19 views

SSO Single Logout, session timeout in one of Service Providers

I'm working on integrating Single Sign On into a set of web applications. The applications are using 'front channel' single logout which is performed via set of redirects from SP to Idp and back ...
1
vote
0answers
18 views

SAML 2.0 on Android using Duo Access Gateway

My company uses Duo Access Gateway as our SAML 2.0 Identity Provider. I have an Android native application in which I need to implement SSO. I've tried searching for guides/tutorials on how to ...
0
votes
0answers
18 views

Searching for entity descriptor with an entity ID [GSuite Saml Application]

I have been using google custom saml application to sso my organization apps. I had to delete my old gsuite account and I created a new gsuite account. After configuring new gsuite I'm not able to do ...
0
votes
1answer
33 views

How does Single-logout work with OKTA(IDP)-Shibboleth(SP)-App

OKTA-Shibboleth(Apache)-Nakisa(Tomcat) SSO is working for logging-in. Now, I need to configure Logout. So, user logs out from the app, user needs to be redirected to OKTA page with tiles. But, ...
0
votes
1answer
30 views

Using a string instead of URL as an entityID with SAML

We are implementing a SSO with SAML and Moodle 3.3's plugin https://moodle.org/plugins/auth_saml2 Usually moodle provides an entityID as an URL, for example: entityID="https://mymoodlesite.com/auth/...
0
votes
1answer
23 views

SAML 2.0 Identity Provider

Is it worth considering SAML 2.0 as Identity Provider for legacy WIF clients? Are there some benefits compared to Identity Server 4 or other OpenId/OAuth2 based solutions?
0
votes
1answer
16 views

SAML metadata negotiation process

I'm a Service Provider (SP) who wants to support multiple Identity Providers (IdP) via Web SSO profile. I'm struggling to understand how should I negotiate SAML features (e.g. signing/not signing ...
0
votes
2answers
73 views

Creating Policy for SAML's IAM role

I'm trying to create a policy for an IAM role for my federated users (authenticating through my SAML provider). I'm following Creating a Role for SAML 2.0 Federation (Console) - AWS Identity and ...
2
votes
1answer
28 views

SAML2: Does the Service Provider or Identity Provider create the X.509 certificate?

I created a SAML2 Identity Provider using ComponentSpace's .net library. We have a 3rd party app that will act as the Service Provider. I know that X.509 certificates are used, but who creates the ...
1
vote
2answers
31 views

How do I expose WS-Federation metadata on ASP.NET MVC 5?

I have a SAAS app built with ASP.NET MVC 5 and I've several clients accessing my app through forms authentication and that works fine, but one of my clients that is a big enterprise company, required ...
-1
votes
0answers
15 views

How to transform SSO TOKEN SAML V2 =>Kerberos and Kerberos=> SAML V2 in Power BI Report Server

As part of a Power BI On premise reporting project (Data Source, Datamart, Cube, Power BI Reports). I am forced to go through a directory using SAML V2 as a protocol for setting up the SSO (Single-...
-1
votes
0answers
12 views

How to Integrate keycloak as identity provider with weblogic 12.1.3 as a service provider?

I want to implement SSO for Oracle ADF applications through keycloak, so how to integrate keycloak with weblogic using SAML2 to be able to authenticate in the ADF application through keycloak?
0
votes
0answers
19 views

Configuring SAML Single Logout (Okta/NodeJS/saml2-js). What should logout response endpoint do?

I am using saml2-js with Okta. So far I am able to logout. It seems to work according to Okta logs. The question is what should the logout response endpoint do? I am referring to the one I specify under ...
0
votes
1answer
18 views

SAML Logout fails: Issuer does not match (NodeJS + Okta)

I am trying to do a logout with SAML with Okta as my IdP. I am getting "Issuer does not match" in Okta logs: I have already setup single logout: With the cert uploaded being my SP public key. ...
0
votes
0answers
50 views

Cannot resolve symbol 'SamlServerConfiguration' in Spring Security

I have a spring-boot project where I'm trying to create a SAML2 identity provider (IdP) using spring-boot-starter-security (v2.1.4.RELEASE) and spring-security-saml2-core (v1.0.9.RELEASE) packages. I'...
0
votes
0answers
11 views

How do I configure multiple AWS Connect instances from different accounts with AWS Single Sign On in a top level account?

I am setting up our telephony system in AWS and we're utilizing AWS Single Sign On for our primary SAML authentication. This has worked fine for normal cli and console access but has kind of been a ...
1
vote
2answers
60 views

Spring SAML: alternative ways to generate SP metadata besides using /saml/metadata endpoint

Background: my web-app is running in PROD, and real users are using it. The initial authentication was implemented using Spring Basic Security. Recently, client decided to use SSO for authentication,...
2
votes
0answers
91 views

How do I integrate SAML 2.0 in micronaut?

I followed this tutorial and completed setup, but I do not understand how do I use it in Micronaut? Please help me with the following? Using io.micronaut.context.env.Environment I can load specific ...
0
votes
1answer
40 views

How to call SAML (http-post binding) based REST APIs using Angular?

I have OData REST APIs protected with SAML 2.0(POST binding) and I have Angular 2+ client application. How can I call these REST APIs using Angular application? When I use Angular HTTP client import ...
0
votes
0answers
31 views

How to consume Azure assertion?

For an app registered with Azure AD with SSO, Reply URL (Assertion Consumer Service URL) is say https://uat.mycompany.com/MyApp/admin/acs This endpoint is represented by Spring RestController class. ...
-1
votes
0answers
10 views

SAML using apigee

I am using SAML Authentication to connect to some external service provider. When I am directly hitting the service by http post by form submit, I am able to land in to the portal. If I am posting ...
0
votes
1answer
70 views

WSO2 APIM Identity responds back username or domain/username in the NameID of a SAML SSO response

Claims are getting changed for a SAML2 response. We use Local Claim dialect to add claims from our LDAP which is configured with WSO2 APIM embedded IS. On both of the versions of WSO2 APIM 2.5.0 and 2....
0
votes
0answers
37 views

How does the KeyManager on Spring SAML extension work?

I'm trying to follow some Spring samples to run a simple Service Provider app. I've found two great ones: https://github.com/vdenotaris/spring-boot-security-saml-sample https://github.com/...
3
votes
1answer
79 views

Generate ACS url with express and passport-saml for Gsuite SSO

I'm implementing a SAML based SSO with nodejs using express and passport-saml for GSuite. I'm able to configure the first part and get passport-saml to redirect me to the google login page. But I'm ...
0
votes
0answers
21 views

Passportjs + SAML2.0 Single Sign on

Recently I implemented Single sign on (SSO) using Passportjs+SAML. It was working fine, no issues on that, but I have a few questions to understand it better. I did see the flow ...
0
votes
0answers
17 views

spring security saml dsl continuous redirects

Spring Boot app on start shows below: 2019-04-15 21:38:39.745 INFO 9532 --- [ restartedMain] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: Ant [pattern='/saml/login/**'], [...
0
votes
1answer
83 views

SAML2 - Response doesn't have any valid assertion which would pass subject validation

I had a solution to authenticate using SAML2 that integrates correctly with the idp in the test environment. Then now in the production server I am getting this error when the saml response (POST ...
2
votes
2answers
74 views

Signing a SAML response generates CryptographicException: An XmlDocument context is required for enveloped transforms

I am trying to sign the following SAML assertion using System.Security.Xml. <saml:Assertion xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ...
0
votes
1answer
59 views

Dynamic schemes SAML 2.0 for IdentityServer4 with IAuthenticationSchemeProvider

I'm trying to setup IdentityServer4 to work with multiple external IdPs which are added dynamically with the help of IAuthenticationSchemeProvider's AddScheme method. I've successfully done it for ...
0
votes
2answers
49 views

saml okta redirect idp fails

I have created a SAML 2.0 App on okta and have finished all the configurations. I then attempt to do an authorization from my application, by doing a redirect to the okta idp -> http://www.okta.com/...
1
vote
0answers
10 views

OWIN External Cookie disappearing

Intermittently our External authentication cookies are not returning. We are using OWIN as the middleware layer .Net 4.62 SessionState Systain SAML 2 IIS Web Servers The following links refer ...
0
votes
0answers
21 views

Configure Multiple Metadata IDP for Web Application

I am using spring-saml in a multitenant web platform to build an Identity Provider. I have configured metadata for my platform and everything works fine, but I am using only one idp for all ...
1
vote
2answers
84 views

Azure Active Directory SSO with Asp.net Webforms

We have an Asp.Net Webforms application in .Net 3.5, which is already having an authentication module with FormsAuthentication. For a new requirement, we need to implement SSO(SAML) with Azure Active ...
0
votes
0answers
22 views

How to validate external IDP session after x minutes?

I'm working on a SaaS offering, and we are using IdentityServer 3 for authentication. To support Single Sign On with external identity providers, we are using SAML2p with Sustainsys Saml2 Owin ...
0
votes
1answer
67 views

Spring - How to implement Single Sign-On with SAML 2.0

How is SSO with SAML 2.0 typically implemented for a Spring MVC application? My application is required to implement SSO so the users can log in without creating a new account with my application. ...
0
votes
1answer
46 views

What does the “SP Entity/IdP Audience” parameter mean in SAML configuration for a service provider?

In the documentation for configuring the SAML protocol for Looker I find the SP Entity/IdP Audience property, and that confuses me so much because I don't understand which element in the SAML request this property ...
