Question
I followed chapter 12.0 instructions about using Spring with ADFS as IdP from here: http://docs.spring.io/spring-security-saml/docs/1.0.x-SNAPSHOT/reference/pdf/spring-security-saml-reference.pdf
But I have an exception when I test the SSO:
org.opensaml.common.SAMLException: NameID element must be present as part of the Subject in the Response message, please enable it in the IDP configuration
I added the rule NameID as described in the document. We use ADFS 3.0 on a server and Tomcat on another Linux server, but I don't think it has an impact on this... I can't find a way to resolve it; does someone (@vschafer?) have a suggestion?
Thanks in advance!
Answer 1:
Finally found the solution: I had to set Rule Type as "Pass through or filter an incoming claim" because our ADFS server uses other claim providers.
More info: http://technet.microsoft.com/en-us/library/dd807060(v=ws.10).aspx
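An added diagnostic, not part of the original question or answer: it decodes a captured SAMLResponse and reports whether each assertion's Subject carries a NameID and which attributes the IdP actually issued, which shows whether the NameID claim rule fired. It assumes the HTTP-POST binding (plain base64 form field) and an unencrypted assertion; the function names and sample messages are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"

def inspect_response(saml_response_b64):
    """Report, per assertion, whether Subject carries a NameID and which attributes were issued."""
    xml_bytes = base64.b64decode(saml_response_b64)
    # Diagnostic only: no signature check. Refuse DTDs so entity declarations are never parsed.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD not allowed in a SAML message")
    root = ET.fromstring(xml_bytes)
    report = {"encrypted_assertions": len(list(root.iter(SAML + "EncryptedAssertion"))),
              "assertions": []}
    for assertion in root.iter(SAML + "Assertion"):
        subject = assertion.find(SAML + "Subject")
        name_id = subject.find(SAML + "NameID") if subject is not None else None
        report["assertions"].append({
            "has_subject": subject is not None,
            "name_id_format": name_id.get("Format") if name_id is not None else None,
            "has_name_id": name_id is not None and bool((name_id.text or "").strip()),
            "attributes": [a.get("Name") for a in assertion.iter(SAML + "Attribute")],
        })
    return report

def _build(subject_inner):
    # Constructed sample, not a captured ADFS message.
    xml = (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0">'
        '<saml:Assertion ID="_a1" Version="2.0"><saml:Subject>' + subject_inner +
        '<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/>'
        '</saml:Subject><saml:AttributeStatement>'
        '<saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn">'
        '<saml:AttributeValue>alice@example.test</saml:AttributeValue></saml:Attribute>'
        '</saml:AttributeStatement></saml:Assertion></samlp:Response>'
    )
    return base64.b64encode(xml.encode()).decode()

WITHOUT_NAMEID = _build("")
WITH_NAMEID = _build(
    '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">'
    'alice@example.test</saml:NameID>')

if __name__ == "__main__":
    for label, msg in (("without NameID", WITHOUT_NAMEID), ("with NameID", WITH_NAMEID)):
        print(label, inspect_response(msg)["assertions"][0])
```

If `encrypted_assertions` is non-zero, the Subject cannot be inspected this way and the assertion has to be decrypted by the service provider first.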
Source: https://stackoverflow.com/questions/27130691/configuring-adfs-3-0-saml-2-0-to-work-with-spring-security-for-sso-integration