...

Configuration is stored in the JSON Object websso within the authentication object.

Info

This authentication plugin supports redirecting to configured SAML Identity Providers (see Federations) with a generated SAML Request that asks them to authenticate a user. It also supports receiving SAML Responses from configured SAML Service Providers in order to let them request a SAML Response.

The following query/post parameters are supported for redirecting to SAML Service Providers:

  • tokentype
    Specify which token type to use: ws-trust, saml1 or saml2. Defaults to saml2.
  • binding
    Specify the binding: GET, redirect or POST. The SAML Request will be sent to the Service Provider URL with an HTTP GET or POST request depending on this parameter. Defaults to POST.
  • requestid
    Optionally specify request ID to respond to. Defaults to none.
  • relayState
    If this parameter is present in the request along with a SAML Request, it is sent back in the POST request with the SAML Response.


Note
Advanced usage

Normally, federation is initiated via a SAML Request present in the POST or query parameter "SAMLRequest". If you receive the SAML Request from another source, you can store it in the session in a state variable called "websso.samlrequest". If no SAML Request is provided as input, the authentication plugin looks in the session for this attribute and uses it if present. It is deleted after use.
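
The parameter defaults listed above and the session fallback from the note can be modelled as follows. This is an added example, not the plugin's own code: the function name, the dict-based `params` and `session` arguments, rejecting unlisted values, and echoing `relayState` only when the SAML Request arrived as input are assumptions of the example.

```python
# Added illustration: models the documented behaviour, not the plugin's code.
TOKEN_TYPES = ("ws-trust", "saml1", "saml2")  # values listed on the page
BINDINGS = ("GET", "redirect", "POST")        # values listed on the page
SESSION_KEY = "websso.samlrequest"            # state variable named in the note


def resolve_websso_request(params, session):
    """Return the effective settings for one federation request.

    params  -- query/POST parameters as a dict (hypothetical input shape)
    session -- mutable dict standing in for session state (hypothetical)
    """
    tokentype = params.get("tokentype", "saml2")   # documented default
    if tokentype not in TOKEN_TYPES:
        # Assumption: reject values the page does not list.
        raise ValueError(f"unsupported tokentype: {tokentype!r}")

    binding = params.get("binding", "POST")        # documented default
    if binding not in BINDINGS:
        raise ValueError(f"unsupported binding: {binding!r}")

    # A SAMLRequest supplied as input wins; the session copy is only a fallback.
    saml_request = params.get("SAMLRequest")
    from_input = bool(saml_request)
    if not from_input:
        # pop() removes the stored request so it cannot be used a second time,
        # matching "It will be deleted after use".
        saml_request = session.pop(SESSION_KEY, None)

    return {
        "tokentype": tokentype,
        "binding": binding,
        "requestid": params.get("requestid"),      # documented default: none
        "saml_request": saml_request,
        # Assumption: relayState is echoed only alongside an input SAMLRequest.
        "relay_state": params.get("relayState") if from_input else None,
    }


if __name__ == "__main__":
    # Constructed sample values, not real SAML messages.
    session = {SESSION_KEY: "constructed-session-request"}
    print(resolve_websso_request({"binding": "redirect"}, session))
    print(resolve_websso_request({}, session))  # session copy already consumed
```
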



ADFS / WebSSO Identity Federation

...