IT Answers » SAML

SAML Web SSO: Communication between IdP and SP

Mmmx — Wed, 22 Jun 2011 11:04:40 +0000

Hello,
Assuming a SP-initiated Single sign-on with SAML. After the SSO session is established, which possibilities do I have to establish a communication between the Service Provider (SP) and Identity Provider (IdP) using SAML? As I understood, there are following related protocols:

a) Assertion Query and Request
b) Artifact Resolution

But in my use case, I would like to send some data from SP to IdP after the SSO session is established and get a response with an updated assertion from IdP. The IdP would use the received data, check the SSO session, update the assertion if required and send it back to the SP. It is assumed, that the IdP and SP understand the format of sent data.
In my opinion I could use the Assertion Query and Request protocol. But can I send my own XML-data formats to the IdP within that protocol? Are there any other possiblities?

Thanks in Advance.

Security token service-SOA Implimentation-WCF 3.5-SAML Token

Chandupatla1 — Wed, 15 Oct 2008 17:08:22 +0000

Hi,
Any one have suggestion for the below implimentation

1) I Need some STS which should respond to rst from client with a RSTR containing SAML token.The client who communicates has client credentials as windows user and security mode as message (This client is a non-wcf client i.e., .net 2.0 client. Also, i don’t want to use Certificate). Also can i generate a saml token with out using certificate in STS.

2) The client After receiving the token from STS, need to build a message request with the token for communicating with the relying party i.e., service.

3) On the Service Side(RP), i use the interceptor to validate the token for claims and authentication. Can i do like this.

Please provide me your suggestions as of how can i do this and to what extent i can use Martin gudge sample and what modifications i need to perform this.