IdP initiated Single sign on POST binding
Question
My web application is looking for a way to redirect users to a service provider website(ABC Company) and I am in the process of implementing this using Idp initiated SSO. So idea is to create SAML assertion and bind it in a response which will be sent to SP(ABC Company) and once it is validated, user will be able to access Service Provider(ABC Company). Does anyone have any starting primer document on how to do this in java and what libraries are good to use ?
1 answers
solution1
0 ACCPTED 2013-09-19 06:28:04
I often find that Idp initiated SSO is not the best solution. Instead of the IDP initiating the SSO, just redirect the user to the SP, the SP will see that the use is no authenticated and start SSO with the IDP.
Is there a reason you want to have the IDP initiate it?
If you really want to do IDP-initiated SSO there are many software that can do this. If you want to have it embedded in you appliation, have a look at the Spring SAML module og OpenSAML library(demands a very good understanding of SAML, examples here ) You can also use thrid party sotware that only require setup and configuration. for example OpenAM
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.