ComponentSpace

Forums



IDP Initiated SSO Using Middleware


IDP Initiated SSO Using Middleware

Author
Message
Dan Sargeant
Dan Sargeant
New Member
New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)

Group: Forum Members
Posts: 4, Visits: 46
Hi,

I am unclear as to how to get IDP initiated SSO to work when using the middleware. If you change the PartnerName of the example IDP to "https://MiddlewareServiceProvider" and try it, you just end up on the home page of the middleware service provider. It seems this is because the call to /SAML/AssertionConsumerService returns a location header of the home page instead of the callback handler of the externallogin page, which would then actually sign you in.

What is the best way therefore to get this to work?


Thanks
Dan
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Hi Dan
This is a limitation in the SAML authentication handler as it's not passing control back to the application correctly for IdP-initiated SSO.
The next release will handle this correctly.
You're welcome to email us and I'll see that you receive a beta as soon as it's available.
You also have the option of using a controller rather than the authentication handler as this supports IdP-initiated SSO. The ExampleServiceProvider project demonstrates this.

Regards
ComponentSpace Development
Dan Sargeant
Dan Sargeant
New Member
New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)

Group: Forum Members
Posts: 4, Visits: 46
ComponentSpace - 3/11/2018
Hi Dan
This is a limitation in the SAML authentication handler as it's not passing control back to the application correctly for IdP-initiated SSO.
The next release will handle this correctly.
You're welcome to email us and I'll see that you receive a beta as soon as it's available.
You also have the option of using a controller rather than the authentication handler as this supports IdP-initiated SSO. The ExampleServiceProvider project demonstrates this.

Understood, thanks. I look forward to the next release!

Dan
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Thanks Dan.

Regards
ComponentSpace Development
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
The SAML authentication handler now supports IdP-initiated SSO and SLO.
This is available in the v2.0.5 beta release.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search