Category Archives: adfs

How can I generate a valid XML for a SAML2 SP

I don't know how to implement the SAML2 protocol for my custom SP service, and I'm having some difficulties...

I have tried this:

<?xml version="1.0" encoding="UTF-8"?>
 <EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://www.mydomain.ext/#/secure">
  <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
   <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://www.mydomain.ext/#/" isDefault="true"/>
    <KeyDescriptor>
     <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:X509Data>
       <ds:X509Certificate>
        {my_x509_certificate_generated}
       </ds:X509Certificate>
      </ds:X509Data>
     </ds:KeyInfo>
    </KeyDescriptor>
   <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</NameIDFormat>
  </SPSSODescriptor>
 </EntityDescriptor>

I need to make it so I can send the XML file to the IDP. What is missing to make a valid SP XML file? Thanks.
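
A schema-valid form of the metadata above, added here as an example and not written by the poster. The `/saml/acs` path, the `https` scheme and the `persistent` NameID format are assumptions; the entityID and the certificate placeholder are the post's own.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- The post declares xmlns:md but leaves its elements unprefixed, which puts
     them in no namespace. Every metadata element carries the md: prefix here. -->
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
                     xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                     entityID="http://www.mydomain.ext/#/secure">
  <md:SPSSODescriptor WantAssertionsSigned="true"
                      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <!-- The schema fixes the child order: KeyDescriptor first, then
         NameIDFormat, then AssertionConsumerService. -->
    <md:KeyDescriptor>
      <ds:KeyInfo>
        <ds:X509Data>
          <!-- Base64 body of the SP certificate, without the PEM BEGIN/END lines. -->
          <ds:X509Certificate>{my_x509_certificate_generated}</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <!-- Assumption: a user-identifying format. The "entity" format in the post
         names SAML entities (IdPs and SPs), not the subject of an assertion. -->
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
    <!-- index is a required attribute on AssertionConsumerService.
         Assumed endpoint: a server-side path over https. A browser never sends
         the "#/" fragment with the POST, so the location in the post would
         deliver the assertion to "/" rather than to the client-side route. -->
    <md:AssertionConsumerService index="0" isDefault="true"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://www.mydomain.ext/saml/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>
```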

Implement single sign on with Apache web server and multiple Active Directory forest

I need to implement single sign on (SSO) for an Apache web server hosting some weird enterprise CMS. The challenge is that the SSO has to work across multiple Active Directory forests owned by different customers. I thought of using SAML to get the job done. But I am stuck at figuring out whether Apache can work together with Microsoft's Active Directory Federation Services (ADFS). Has anyone done ADFS with Apache already?

Greetings from Germany,
