saml

Python SAML OneLogin - How to support multiple Identity Providers

自古美人都是妖i submitted on 2020-02-02 05:47:12
Question: I'm relatively new to SAML and came across the OneLogin Python SAML library. I was able to get it up and running with my web app being the Service Provider (SP) and OneLogin being the Identity Provider (IdP). I would like to be able to add support for other Identity Providers as well. However, I find that the python-saml library is using a settings.json to get the IdP information. I have looked at the following issues on their GitHub project but have been unable to get an actionable solution:

Retrieve Attributes and NameID from a SAML Response (XML)

核能气质少年 submitted on 2020-02-01 09:12:12
Question: SAML Response <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"> <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer> <samlp:Status> <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status

Retrieve Attributes and NameID from a SAML Response (XML)

被刻印的时光 ゝ submitted on 2020-02-01 09:10:22
Question: SAML Response <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"> <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer> <samlp:Status> <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status

Retrieve Attributes and NameID from a SAML Response (XML)

旧街凉风 submitted on 2020-02-01 09:10:10
Question: SAML Response <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"> <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer> <samlp:Status> <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status

OpenAM Configured SAML Response Encryption

一笑奈何 submitted on 2020-01-25 20:57:10
Question: How do I configure OpenAM (with OpenDS behind it as the identity provider) to encrypt the SAML Response Assertion? The messages are working fine, but I want to encrypt the Assertions with a certificate I have placed into the OpenAM keystore.jks. I can't find anything in the documents. Answer 1: SAML does not support encryption of the whole Response and there shouldn't be any sensitive information in it besides in the assertion. The assertion or attributes is probably what you want to encrypt.

ASP.NET Core web app URL is case-sensitive when authenticating users

落花浮王杯 submitted on 2020-01-25 04:43:27
Question: I have a test ASP.NET Core 2.0 web application that authenticates the user using SAML. All is well if the URL typed in the browser matches the case of the web app name in IIS 10 (ex. .../MyTestSite). However, if the user types a different case (ex. .../mytestsite) they will fail to authenticate. In code, the point of failure is in the OnGetCallbackAsync method of the ExternalLogin class at this line: var info = await _signInManager.GetExternalLoginInfoAsync(); Since info == null in these

ASP.NET Core web app URL is case-sensitive when authenticating users

南笙酒味 submitted on 2020-01-25 04:43:25
Question: I have a test ASP.NET Core 2.0 web application that authenticates the user using SAML. All is well if the URL typed in the browser matches the case of the web app name in IIS 10 (ex. .../MyTestSite). However, if the user types a different case (ex. .../mytestsite) they will fail to authenticate. In code, the point of failure is in the OnGetCallbackAsync method of the ExternalLogin class at this line: var info = await _signInManager.GetExternalLoginInfoAsync(); Since info == null in these

Generate custom attribute for one SP in a SAML 2.0 Federation - Identity

荒凉一梦 submitted on 2020-01-24 22:42:08
Question: We have a SAML 2.0 federated environment (IDP and SP). I would like to generate a custom attribute for assertions created only for one SP. As such, I will not modify the IDP configuration. The snippet of the SAML Assertion we need to create: < saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" > Name="urn:oasis:names:tc:SAML:2.0:profiles:attribute:DCE:groups" > < saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > xsi:type="xsd:string"> ABCD

Android Cognito With SAML (O365)

我与影子孤独终老i submitted on 2020-01-24 09:08:29
Question: I'm trying to integrate SAML with Amazon Cognito through an Android application. I followed a series of YouTube videos by 101apps.co.za where I was successfully able to authenticate a manually created user on the Cognito console itself through both the hosted UI using the link format they provide in their documentation and through my simple Android app. In my scenario, I'm supposed to authenticate users using Office 365 email IDs and passwords since this is a corporate environment. I did

Android Cognito With SAML (O365)

落花浮王杯 submitted on 2020-01-24 09:06:32
Question: I'm trying to integrate SAML with Amazon Cognito through an Android application. I followed a series of YouTube videos by 101apps.co.za where I was successfully able to authenticate a manually created user on the Cognito console itself through both the hosted UI using the link format they provide in their documentation and through my simple Android app. In my scenario, I'm supposed to authenticate users using Office 365 email IDs and passwords since this is a corporate environment. I did