mace-opensaml-users - RE: [OpenSAML] Testing SAML relying party browser post profile
Subject: OpenSAML user discussion
List archive
- From: "Scott Cantor" <>
- To: <>
- Subject: RE: [OpenSAML] Testing SAML relying party browser post profile
- Date: Tue, 2 Dec 2008 23:49:28 -0500
- Organization: The Ohio State University
> Instead of the above, I would just like to access the testshib IdP and
upon
> logging in there would like the IdP to send an assertion to my (non-Shib)
SP
> with the attributes. Is this possible?
No, not with SAML 2 anyway. We don't support IdP-initiated SSO except with
the legacy Shibboleth/SAML1 option.
> - from the doc at that url, I got the url for SAML2 POST as
> https://idp.testshib.org/idp/profile/SAML2/POST/SSO. So I tried replacing
> the SAML2 with SAML1 but neither worked.
That works fine, but only if you, well, do that. That's a SAML endpoint and
you have to give it a SAML request.
> So is it at all possible to just go to the test idp url and provide my
> provider id and login to trigger the browser post of the assertion to my
SP?
Only with legacy requests and SAML 1.1 responses.
-- Scott
- RE: [OpenSAML] [OpenSAML2] Testing SAML relying party browser post profile, Pantvaidya, Vishwajit, 12/01/2008
- RE: [OpenSAML] [OpenSAML2] Testing SAML relying party browser post profile, Scott Cantor, 12/02/2008
- RE: [OpenSAML] Testing SAML relying party browser post profile, Pantvaidya, Vishwajit, 12/02/2008
- RE: [OpenSAML] Testing SAML relying party browser post profile, Scott Cantor, 12/02/2008
- RE: [OpenSAML] Testing SAML relying party browser post profile, Pantvaidya, Vishwajit, 12/02/2008
- RE: [OpenSAML] [OpenSAML2] Testing SAML relying party browser post profile, Scott Cantor, 12/02/2008
Archive powered by MHonArc 2.6.16.