Questions tagged [saml]

SAML (Security Assertion Markup Language) is an open standard and XML-based markup language for exchanging authentication and authorization information between parties, known as service providers and identity providers.

99 questions
2
votes
0 answers

ADFS - Correct way to massively provision relying party trusts for many similar SAML service provider

Let's say I have 200+ sites in the form of: https://site1.example.com, https://site2.example.com I have to deploy an identical SAML configuration for all of these sites. Ideally I would just have a single relying party trust set up in ADFS that…
Dylan
2
votes
2 answers

Configuring Shibboleth SAML 2.0 with ADFS 3.0 with Federation Errors

I'm trying to configure ADFS 3.0 and SAML 2.0. Currently, I get this error whenever I restart shibd and httpd. 2016-11-07 12:49:08 ERROR XMLTooling.ParserPool : error on line 1, column 2702, message: grammar not found for namespace…
Franz Noel
2
votes
0 answers

How to create an SPN for an ADFS server with an alias

I have a colleague who has set up an ADFS server in a test environment and has given the ADFS server an alias. host name test-server.tdom.com alias test-adfs.tdom.com The server is running under a specific AD user account. The relying party…
GaryF
2
votes
1 answer

ADFS error during SAML Service Provider Login

I have a Spring SAML Project that has been under development for about a month. I've integrated with ADFS and everything has been working well. I'm getting an intermittent error that is becoming problematic because I have to wait for it to…
2
votes
1 answer

Shibboleth - Secure whole IIS application

I've set up Shibboleth SP on my server and now I want to protect my IIS folders. I followed a few tutorials and used this syntax in my shibboleth2.xml file:
posixpascal
2
votes
0 answers

Subversion Server with Azure AD SSO

There is a running CollabNet Subversion Edge Server in the current version 5.2.4. It is currently connected with LDAP for authentication. Now there is a challenge to grant permission to B2B guests of our Azure AD to use this SVN. Is there any way to…
2
votes
2 answers

How can I resolve "SAML Providers must reference at least one SAML assertion issuer" message?

I want to set up an SSO solution using Keycloak 10.0.2 as the Identity Provider. The first application I want to set up is AWS. I followed this tutorial to enable Keycloak to sign me in using SAML. I noticed that this tutorial is guiding me to…
user540468
1
vote
1 answer

Set an attribute as MellonUser on mod_mellon

I'm failing to set up MellonUser on my Apache configuration. The NAME_ID my IdP provides is really a session ID that changes every time, and it's the only data available in the Subject of the response. The data I need (the real username) is contained…
lithiium
1
vote
1 answer

Should the AD FS Federation metadata for a Relying Party Trust be publicly accessible?

If I am a relying party, I can expose federation metadata to ease configuration for AD FS so I can import it into the Create a Relying Party Trust wizard. I can also choose to enable automatic updates so AD FS checks this file regularly. This file…
Melvin
1
vote
2 answers

Signature verification for InCommon SAML metadata using xmlsec1 fails

InCommon Federation provides IdP and SP metadata. Their refresh policy recommends frequent checking of the metadata aggregate to use the most recent version. They strongly recommend InCommon SPs refresh and verify metadata at least daily. Following…
pbuck
1
vote
1 answer

Customise SAML attributes Azure AD

I have configured SAML SSO against a new app in my Azure Console. I have proven it authenticates using SimpleSAMLphp. I am trying to add/adjust the attributes that are passed back with the SAML token. Test App in Azure Active Directory…
1
vote
1 answer

Specify MFA based on user-agent in AD FS?

Is it possible to force a specific MFA provider based on a user-agent (ideal) or IP address (less ideal) in AD FS? Alternatively, is there another free SAML IdP that would allow this? Read below for why, in case there is another option that I am…
Todd
1
vote
1 answer

SHIBBOLETH SP - Shibboleth handler invoked at an unconfigured location - Shibboleth.sso/Session/

I am trying to get Shibboleth configured. When I go to https://mysite/secure/index.php, it works properly, I can authenticate, etc. but when I go to https://mysite/Shibboleth.sso/Status (or any other https://mysite/Shibboleth.sso/*) I get the…
1
vote
1 answer

Does Shibboleth IdP 3 automatically echo relay state by default?

Maybe this is a dumb question, but I can't find anything about this in the documentation or elsewhere. According to the SAML spec, I know that the IdP is supposed to echo back the relay state received from the SP's authn request. Since that…
1
vote
0 answers

SAML Azure mappings

I'm trying to set up SocialCast to use SSO against Azure AD. I have everything working except I'm unable to map the fields for first name, last name, and email address. I know authentication is working because the logs on Azure confirm it, but I…
Carl