SAML 2.0 IDP Initiated SSO and Post Request

Fórumok

Thierry Dagnino, módosítva 10 év-val korábban

SAML 2.0 IDP Initiated SSO and Post Request

New Member Bejegyzések: 9 Csatlakozás dátuma: 2012.07.27. Legújabb bejegyzések

Hi,

I have a question regarding the SAML 2.0 plugin and perhaps SAML 2.0 in general.

If liferay is configured as IDP and the ressource you try to acces at the provider is accessed through a post request (which has 1 input field, say
input1) . After the IDP authenticates the user , it sends a redirect xhtml to the browser. When I look in http fox, I only see the SAMLResponse in the input fields that are sent to the SAML provider... where do I see the input1 field of my orginal post ... ? Maybe , I'm missing something in the SAML Protocol ?

Thanks for your help.

Mika Koivisto, módosítva 10 év-val korábban

RE: SAML 2.0 IDP Initiated SSO and Post Request

Liferay Legend Bejegyzések: 1519 Csatlakozás dátuma: 2006.08.07. Legújabb bejegyzések

It's not sent. It can only provide a URL as RelayState where the user is sent to after successful authentication. This will always be GET so if the original url requires POST it won't work.

Thierry Dagnino, módosítva 10 év-val korábban

RE: SAML 2.0 IDP Initiated SSO and Post Request

New Member Bejegyzések: 9 Csatlakozás dátuma: 2012.07.27. Legújabb bejegyzések

Thanks for your reply Mika.

Is handling the post in initial request something that will come in the future or is it not handled in the SAML 2.0 protocol ?

I can't seem to find this info anywhere .

Thanks.

Mika Koivisto, módosítva 10 év-val korábban

RE: SAML 2.0 IDP Initiated SSO and Post Request

Liferay Legend Bejegyzések: 1519 Csatlakozás dátuma: 2006.08.07. Legújabb bejegyzések

It's not handled by SAML. You need to initiate SSO before that or you need to code the SP app so that it can recreate the post after sign on.