Hello everyone, I have almost the same situation as described in this post ( https://www.componentspace.com/Forums/11054/Setup-Customer-Testing-of-Idp-Configuration)Short explanation: 1. There is a Services Provider application; 2. There is a feature that allows users to configure information about IdentityProvider manually or using metadata xml file; 3. There are InitiateSingleSignOn and AssertionConsumerService endpoints; 4. It is necessary to implement functionality that will allow the user to test the correctness of the configuration. Based on the attached forum post, testing could be performed by Initiating SSO from another browser tab. In this case, IdP will send a response to AssertionConsumerService endpoint where we need to know that this call comes from Test action and not from real SSO process. So, is there a way to handle when testing is performed on not? In addition, is there a ComponentSpace build-in solution for testing such behavior? Some ideas about it: 1. Send serialized object with information (bool IsTest at least) as relayState and work with it in AssertionConsumerService to understand if this is response come from test request;2. Create TestInitiateSingleSignOn and TestAssertionConsumerService and provide information about these endpoints to a user with a disclaimer that this configuration has to be used only for testing.
Best regards, Dmitry!
|