IDP Initiated SSO Using Middleware

danspam · March 9, 2018, 10:04pm

Hi,

I am unclear as to how to get IDP initiated SSO to work when using the middleware. If you change the PartnerName of the example IDP to “<a href=“https://MiddlewareServiceProvider””>https://MiddlewareServiceProvider" and try it, you just end up on the home page of the middleware service provider. It seems this is because the call to /SAML/AssertionConsumerService returns a location header of the home page instead of the callback handler of the externallogin page, which would then actually sign you in.

What is the best way therefore to get this to work?

Thanks
Dan

ComponentSpace · March 11, 2018, 4:40pm

Hi Dan
This is a limitation in the SAML authentication handler as it’s not passing control back to the application correctly for IdP-initiated SSO.
The next release will handle this correctly.
You’re welcome to email us and I’ll see that you receive a beta as soon as it’s available.
You also have the option of using a controller rather than the authentication handler as this supports IdP-initiated SSO. The ExampleServiceProvider project demonstrates this.

danspam · March 11, 2018, 5:03pm

[quote]

ComponentSpace - 3/11/2018

Hi Dan
This is a limitation in the SAML authentication handler as it's not passing control back to the application correctly for IdP-initiated SSO.
The next release will handle this correctly.
You're welcome to email us and I'll see that you receive a beta as soon as it's available.
You also have the option of using a controller rather than the authentication handler as this supports IdP-initiated SSO. The ExampleServiceProvider project demonstrates this.

[/quote]

Understood, thanks. I look forward to the next release!

Dan

ComponentSpace · March 12, 2018, 2:27pm

Thanks Dan.

ComponentSpace · March 12, 2018, 11:49pm

The SAML authentication handler now supports IdP-initiated SSO and SLO.
This is available in the v2.0.5 beta release.