ComponentSpace

Forums



IDP InitiatedSSO - Subject value


IDP InitiatedSSO - Subject value

Author
Message
s k
s k
New Member
New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)

Group: Forum Members
Posts: 8, Visits: 74
I am trying to setup Idp InitiatedSSO. I was trying to debug SAML response sent to Service Provider.
 found that  in Saml reposnse is 
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
      ID="_171d2bc8-8c85-4349-989c-32cbfd60c63a"
      Version="2.0"
      IssueInstant="2020-12-15T19:35:24.108Z">
but requrired response is 
<samlp:Response xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
ID="_c7ed0291-8384-448b-a687-de50c889e9e3"
Version="2.0"
IssueInstant="2019-05-06T19:20:08.3833682Z"

so i need to include namespaces and Samlp value from protocol to assertion
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
We use the prefixes suggested in the SAML specification. The namespace declarations are included where they make the most sense. We don't include a way for your application to modify this.

However, this shouldn't be an issue. The XML we generate complies with the SAML specification and validates against the SAML XML schema. Other SAML implementations might use different prefixes and declare XML namespaces elsewhere in the XML document. This is perfectly fine too. All that matters are the the element names and the namespaces under which they're declared. The prefixes used and the exact location within the ancestor tree where the namespace is declared are irrelevant. If an implementation relies on either of these it's a limitation of that implementation. There are no such issues with all the major SAML offerings.

Perhaps what you're comparing with is an example SAML response. I suggest testing against the SP. I suspect the prefixes and namespaces won't be an issue.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 1 query. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search