The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Using SAML

how to receive saml request

Forum topic: Submitted by parvendra on Tue, 2009-12-08 06:19.

Hello,

how to setup simplesamlphp and create a php page (Service Provider) to receive a SAML 2.0 POST request ?

 

Also,my second question is below one:

"We would need to create the meta data file for the post request and  use the following php library to do the SAML Validation "

Can anyone please help me insight to accomplish these 2 tasks.

 

 Thanks in advance.

Parvendra

sender-vouches example in SAML Token Profile 1.1

Forum topic: Submitted by redtiger on Tue, 2009-11-17 17:16.

Is there a typo in the sender-vouches example of the SAML Token Profile 1.1 (wss-v1.1-spec-os-SAMLTokenProfile.pdf) document?  Section 3.5.2.3 and 3.5.2.4 have XML examples a SAML token using the sender-vouches method.  However, both of these XML examples use "holder-of-key", rather than "sender-vouches", even though they are under the sender-vouches section.

Is this a typo, or is it intentional?

Thank you.

Service Provider Implementation - help

Forum topic: Submitted by jaya on Wed, 2009-11-04 19:05. Last updated on Wed, 2009-11-04 19:13.

Hello Everyone,

I am new to SAML sp implementation. 

My Work assignment is


The End-user logs into the application(IDP)successfully and clicks on a link(Service Providers). When the user clicks on SP link, the IDP would send the SAML assertion in the String format.

As an Service Provider, my application should retrieve the SAML String and process(i.e., validate and verify the signature) it. If the signature and assertions are ok, then the user would be redirected to actual requested page.


Read more

Common domain cookies

Forum topic: Submitted by lavinek on Fri, 2009-10-23 21:00.

I have been tasked with an integration that includes an IdP and an SP on the same domain. Our original idea was to use the SAML POST bindings to establish authentication and for logout requests. My question is, can I incorporate common domain cookies to make my job easier? I'm fairly new to the SAML standard, so I apologize if the answer is obvious.

Session Timeout

Forum topic: Submitted by jensley on Tue, 2009-09-22 15:08.

I have a situation where the user logs into the IdP and then uses SSO to get to the SP.  After a period of time, the user returns to the IdP, but the IdP session has timed out due to inactivity and so the user has to log back into the IdP.  Basically, I looking for a SAML way to maintain the session on the IdP as long as there is activity on the SP.  Is there a SAML way to do this?  If not, is there anything planned in future versions of SAML for this? 

« first‹ previous123456789next ›last »
XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I

Hosted by:

OASIS