I am implementing a Service Provider in java and an IDP in java, which is necessary to implement in order to comply with a basic implementation?

a logout request, which must be signed? the application service provider for the idp, idp or response to the service provider? is it really necessary to sign the service provider?

I am using SAML2 authentication engine. I would like to log the SAML Request AND SAML Response. How do I intercept the request and response using idp-metadata.xml or attribute-resolver.xml or handler.xml

Any help would be appreciated

I am using standard SAML2.0 Authentication engine for authentication purpose. I am able to access the JAVA objects using script attribute from SAML. But I need to send the XML objects as additional attributes in SAML response ( in assertion ). For this I am trying to hard code as below. If this works I can extend this to JAVA objects.

Read more

I connect with a saml message to a portal. When i try make logout with other saml message, the portal send me one error in your saml response.

 

error:

<Status> <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester"> <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:RequestDenied" /> </StatusCode> <StatusMessage>urn:oasis:names:tc:SAML:2.0:status:RequestDenied (urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue)</StatusMessage> </Status>

 

Read more