堆栈内存溢出
  简体   繁体   English

Java中使用SAML2进行SSO身份验证以及如何使用HtmlUnit执行JavaScript

[英]SSO authentication with SAML2 in Java and How to Execute JavaScript by Using HtmlUnit

 原文  2017-02-22 09:43:52       java/ authentication/ single-sign-on/ kerberos/ htmlunit

问题描述

In one of my developments (using kerberos authentication to loginalong with HtmlUnit) its working fine in all cases , facing an issue after hitting SSO authenticated links where the SAML2 used. 在我的一项开发中(使用kerberos身份验证与HtmlUnit一起登录),它在所有情况下均能正常工作,在碰到使用SAML2的经过SSO身份验证的链接后面临一个问题。

I have searched all the way there is no proper explanation to get more info on SAML2 authentication for SSO secured pages. 我一直在搜索,没有适当的说明来获取有关SSO安全页面的SAML2身份验证的更多信息。

I`m completely new for SSO authentication and SAML2 authentication,is there any separate API for this? 我是SSO身份验证和SAML2身份验证的新手,是否有任何单独的API? help me to know on more on this. 帮助我了解更多有关此的信息。

Could you please help or suggest what is the best process to pass the user/password to get the authentication. 您能帮忙还是建议通过用户/密码进行身份验证的最佳过程是什么?

Thanks 谢谢

1 个解决方案

解决方案1
 1  2017-02-23 09:45:39

Authentication itself is not part of SAMLv2 specification. 身份验证本身不是SAMLv2规范的一部分。 SAMLv2 defines the exchange of information about authenticated subjects. SAMLv2定义了有关经过身份验证的主题的信息交换。 Authentication happens at the SAMLv2 IdP. 身份验证在SAMLv2 IdP上进行。 How this happens in detail is up to the IdP. 具体如何进行取决于IdP。 It could be that the following is possible in your case ... Use HTTP POST to send credentials to the Login URL of the IdP. 在您的情况下,可能是以下情况...使用HTTP POST将凭据发送到IdP的登录URL。 Capture the session cookie returned by the IdP. 捕获IdP返回的会话cookie。 Send HTTP request to the endpoint of the IdP which allows so called IdP-initiated SSO and specify 'HTTP Redirect Binding' and the Meta Alias of the SP (this is the SSO-enabled app from SAML point of view). 向允许IdP发起的SSO的IdP端点发送HTTP请求,并指定“ HTTP重定向绑定”和SP的元别名(从SAML角度来看,这是启用SSO的应用程序)。 The IdP would return a 302 , follow the redirect, the SP should consume the SAML assertion included as a query parameter and you should be able to access the SSO-enabled app. IdP将返回302,跟随重定向,SP应该使用SAML断言作为查询参数,并且您应该能够访问启用了SSO的应用程序。

You may read SAMLv2 tech overview ( http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0-cd-02.html ) to get some idea. 您可以阅读SAMLv2技术概述( http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0-cd-02.html )以获得一些想法。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Java SAML2 SSO客户端 - Java SAML2 SSO client 以CAS和SAML2 SSO为例 - CAS and SAML2 SSO by example SAML2 SSO断言使用者 - SAML2 SSO Assertion Consumer 如何使用联合SSO(SAML2)调用AtTask REST API - How to call AtTask REST API with Federated SSO (SAML2) 如何使用 SAML 在 Java 中实现 SSO? - How to implement SSO in Java with SAML? 如何使用Java,Java EE实现SAML sso - how to implement SAML sso using Java, Java EE JWT 同一路径回退到 SAML2 的身份验证 - JWT authentication with fallback to SAML2 for the same path 用Java实施SAML SSO - Implementing a SAML SSO in Java 从Java中的ADFS获取SAML2令牌 - Get a SAML2 Token from ADFS in Java 将SAML2 AuthnRequest转换为Java类 - Convert SAML2 AuthnRequest to Java classes
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM