SAML simple example for beginners

后端 未结 2 986
春和景丽
春和景丽 2021-01-30 08:47

I am beginner to the SAML v2.0 technology and I get the theory knowledge but I didn\'t find any examples on Google. Can anybody provide me with a step by step example for simple

相关标签:
2条回答
  • 2021-01-30 09:22

    Typical SSO with SAML is something called Web SSO Profile. There are many products supporting this on the market for example OpenAM, Shibboleth, OpenSAML and Oracle Identity Federation. The specific configuration is dependant on what product you choose to use. A working example of OpenSAML that I use in my book is availible here.

    On a SAML level, the SP and IDP exchanges Metadata which contain configuration information on how the SP and IDP want to communicate.

    SSO is then done in four steps:

    1. SP sees that the user does not have an authenticated session.
    2. The SP redirects the user to IDP with a SAML AutnRequest as an URL parameter.
    3. The IDP authenticates the user and redirects it back to the SP with an artifact in URL parameter.
    4. The SP exchanges the Artifact for an Assertion over SOAP using a ArtifactResolveRequest to the IDP.

    If you want to code this yourself in Java, you can use OpenSAML. On my blog I have many examples on how to use it.

    In my book, A Guide To OpenSAML, I write alot about this

    EDIT New edition of the book is out, covering OpenSAML v3

    0 讨论(0)
  • 2021-01-30 09:35

    You can simply follow steps in this manual, which will help you create a simple SAML 2.0 federation between a local Service Provider and a public Identity Provider.

    Once you set this up you can use it to follow messages sent between IDP/SP and also as an example of a SAML component built with Java + OpenSAML + Spring.

    There are also many other good sources of information on SAML, like the Stefan's blog mentioned above.

    0 讨论(0)
提交回复
热议问题