Collaborate Disseminate
I was wondering if it is possible to combine SAML 2.0 SSO with QR Code scanning or fundamentally it is not possible?
If a session exists in one device the user can scan it with her chell phone and login instantly. Something similar is foun… Continue reading Is it possible to combine SAML 2.0 SSO with session login of QR Code
I am so confused about this certification involvement between CF and ADFS talk. When we click on "Generate SP" on ColdFusion administrator, it does create a .p12 file but on the ADFS side, it only accepts a .cer file. So not sure… Continue reading ADFS and ColdFusion setup regarding certificate [migrated]
SAML Response + SAML Assertion are both signed individually while sending back the response.
But the SAML Response contains the SAML Assertion. The latter is actually a subset of the former. Then what is the use of signing both separately?… Continue reading In a SAML Response what is the need to sign both things, the complete SAML Response and the SAML Assertion?
Based on my understanding, the way signatures are generated in a SAML response is like this:
Pick the SAML Response (without the signature block)
Use the Service Provider’s public key to generate a signature
Generate the digest
Add a sign… Continue reading Couldn’t an attacker alter a SAML Response data along with the signature and digest?
I’m reading about SAML Authentication and I’ve come across 2 different mechanisms. But I’m not seeing any proper explanation anywhere of which flow is used when.
If you’re creating a SAML service provider application, then how do you decid… Continue reading How is it decided whether a SAML setup should use HTTP GET or POST?
When an SAML Authentication request is performed, let’s say that the Service Provider uses an HTTP 302 redirect. The user agent is redirected to the IdP via a GET request. This URL is provided by the SP.
In this case, is the request:
Traditionally an SSO SAML request for the authentication works as follows:
The user agent sends the request to the SP asking for some resource
SP sends a SAML authentication request to IdP. This can be done using a HTTP-Redirect 302 or 30… Continue reading Can someone please clarify about how the SAML response is sent back from IdP to SP
We are implementing SAML/OIDC-based SSO across our enterprise and wanted to get a feel for best practices when it comes to using Personal/Signer Certificates within our IdP.
Historically we’ve utilised the personal certificate that came wi… Continue reading IdP Personal/Signer Certificates
I’m studying a lot about SSO but still having difficultly in understanding which flows need certificates and at which end(SP or IdP). Currently in my system, Salesforce is used as SP and Azure AD is used as IdP.
I understand IdP needs to s… Continue reading Using Certificates between IdP and SP
We are using Forgerock OpenAM for managing authentication and authorization and I was wondering if it is possible to use this configuration:
Domain 1 -> App 1 -> Use SAML2
Domain 1 -> App 2 -> Use OpenID Connect
Domain 2 ->… Continue reading Can I combine OpenID Connect and SAML2 protocols in OpenAM