AnsweredAssumed Answered

Build SAML Protocol Request support different binding protocol ?

Question asked by JerryLin on Nov 3, 2016
Latest reply on Nov 24, 2016 by Stephen_Hughes

Hi ALL ,

 

We have a external IdP Server , and I use "Build SAML Protocol Request Assertion" for authentication.

 

but I see the document for "Build SAML Protocol Request Assertion" only support SOAP format ,

 

and our external IdP only accept  the request is redirected binding , and response is post binding. that is XML format , not SOAP format , please see the following:

 

<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest AssertionConsumerServiceURL="https://an9.***.com/sso/ac/consume" ForceAuthn="false" ID="0" IsPassive="false" IssueInstant="2016-11-03T03:30:33.343Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0"
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <samlp:Issuer
        xmlns:samlp="urn:oasis:names:tc:SAML:2.0:assertion">an9
    </samlp:Issuer>
    <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" SPNameQualifier="Issuer"
        xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"/>
        <saml2p:RequestedAuthnContext Comparison="exact"
            xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
            <saml:AuthnContextClassRef                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
            </saml:AuthnContextClassRef>
        </saml2p:RequestedAuthnContext>
    </samlp:AuthnRequest>

 

My Question is :

 

1. "Build SAML Protocol Request Assertion" can support different binding protocol , like   SAML SOAP Binding (based on SOAP 1.1) ,     Reverse SOAP (PAOS) Binding ,     HTTP Redirect Binding ,     HTTP POST Binding ,     HTTP Artifact Binding ,     SAML URI Binding?

 

2. how to custom saml request , like add AssertionConsumerServiceURL element ?

 

Please help !

Outcomes