IdP在POST绑定上启动了单点登录
[英]IdP initiated Single sign on POST binding
问题描述
My web application is looking for a way to redirect users to a service provider website(ABC Company) and I am in the process of implementing this using Idp initiated SSO. 
我的Web应用程序正在寻找一种将用户重定向到服务提供商网站(ABC公司)的方法,并且我正在使用由Idp发起的SSO来实现此目的。 So idea is to create SAML assertion and bind it in a response which will be sent to SP(ABC Company) and once it is validated, user will be able to access Service Provider(ABC Company). 因此,想法是创建SAML断言并将其绑定到响应中,该响应将被发送到SP(ABC公司),并且一旦通过验证,用户就可以访问服务提供商(ABC公司)。 Does anyone have any starting primer document on how to do this in java and what libraries are good to use ? 有没有人有任何入门入门文档介绍如何在Java中执行此操作以及哪些库很好使用?
1 个解决方案
解决方案1
0 已采纳 2013-09-19 06:28:04
I often find that Idp initiated SSO is not the best solution. 我经常发现,Idp发起的SSO并不是最佳解决方案。 Instead of the IDP initiating the SSO, just redirect the user to the SP, the SP will see that the use is no authenticated and start SSO with the IDP. 代替IDP发起SSO,只需将用户重定向到SP,SP就会看到使用未经身份验证,并使用IDP启动SSO。
Is there a reason you want to have the IDP initiate it? 您是否有理由让IDP发起它?
If you really want to do IDP-initiated SSO there are many software that can do this. 如果您真的想执行由IDP发起的SSO,则有许多软件可以执行此操作。 If you want to have it embedded in you appliation, have a look at the Spring SAML module og OpenSAML library(demands a very good understanding of SAML, examples here ) You can also use thrid party sotware that only require setup and configuration. 如果您希望将其嵌入到应用程序中,请查看Spring SAML模块和 OpenSAML库(需要对SAML有很好的了解,请参见此处的示例)。您也可以使用仅需进行设置和配置的第三方软件。 for example OpenAM 例如OpenAM
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.