java - HowTo send a SAML Request? -


i want send saml request idp (azure ad) ia m not sure how send request @ all.

first used opensaml build authrequest. encoded string.

now wanted use apachehttpclient send request , read response , not sure if opensaml provides http sending methods @ idea use apaches httpclient now.

string encodedauthrequest = generateauthrequest(); string url = "http://myidp/samlendpoint"; closeablehttpclient client = httpclientbuilder.create().build(); httpget request = new httpget(url);  // add request header request.addheader("user-agent", user_agent);  // add else?  httpresponse response = client.execute(request);

i stuck since not sure how setup request, need query parameter ?saml=.... in or have put encoded saml response in body post..

can or clarify these issue?

update guillaumes answer:

i have idps metadata:

<idpssodescriptor>     <singlesignonservice         binding="urn:oasis:names:tc:saml:2.0:bindings:http-redirect"         location="https://myidp/saml2" />     <singlesignonservice binding="urn:oasis:names:tc:saml:2.0:bindings:http-post"         location="https://myidp/saml2" />

depends on binding supposed use. idp documentation or metadata should mention that. there several:

  • redirect binding (using get), far common requests
  • post binding
  • artifact binding (more complex, have never seen used requests)
  • ...

i suppose redirect binding used in case (edit: added metadata idp, mentions can use both redirect , post bindings). described here: https://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf page 15.

short version: must first use deflate algorithm compress xml request, encode using base64, encode using url encoding, pass query parameter named samlrequest

?samlrequest=<your url-encoded base64-encoded deflated authnrequest>

https://en.wikipedia.org/wiki/saml_2.0#sp_redirect_request.3b_idp_post_response


Comments

Post a Comment

Popular posts from this blog

aws api gateway - SerializationException in posting new Records via Dynamodb Proxy Service in API -

i getting "__type": "com.amazon.coral.service#serializationexception" as reply in postman & in test console in api gateway trying post record directly dynamodb using api proxy services.. referring aws article - https://aws.amazon.com/blogs/compute/using-amazon-api-gateway-as-a-proxy-for-dynamodb/ here's mapping { "tablename": "tablenamegoeshere", "item": { "id" : "$context.requestid" "eventname" : "$input.path('$.eventname')", "timestamp" : $input.path('$.timestamp'), "answers": "$util.parsejson($input.path('$.answers'))" } } update: did asked ... , worked if try add array of json objects gives me above same error - here's trying now. please - couldnt find on google well #set($inputroot = $input.path('$')) { "tablename": "answer", "item": {
Read more

asp.net - Problems sending emails from forum -

i have been redesigning site has message board, has been written guy looked after site. it has few problems , written in .asp , uses .mdb files database. you can see whole thing here . feel free post if helps, test thing have set using original files , new database. the basic problem when posts message, supposed email sent them, have posted it. when replies, originator supposed message, replier has been posted. i’d have thought @ point in process there should script/file in postmessage.asp? the postmessage.asp page below. <% option explicit %> <!-- #include virtual="common/adovbs.inc" --> <html> <head> <meta http-equiv="content-type" content="text/html; charset=windows-1252"> <meta name="generator" content="microsoft frontpage 4.0"> <meta name="progid" content="frontpage.editor.document"> <title>new page 2</title> <base target="_self"
Read more