OpenConext / Mujina

A mock IDP and SP using the OpenSAML library

Initiated Idp-SSO example

Itachi-Uchiha78 opened this issue

Hi,

I'm trying to do a post SSO from IDP in the Initiated IDP SSO scenario.
It seems it isn't supported yet.
Can't find the right approach to implement it, can you put me in the right direction?
thanks!

The unsolicited response flow - e.g. IDP-initialized SSO - is indeed not implemented. Your starting point should be a new endpoint similar to:

https://github.com/OpenConext/Mujina/blob/master/mujina-idp/src/main/java/mujina/idp/SsoController.java#L42

but with extra query / path parameters to indicate which SP should be targeted after a successful login. The underlying Spring SAML security in Mujina SP already supports this. See:

https://docs.spring.io/autorepo/docs/spring-security-saml/1.0.x/reference/html/configuration-sso.html#configuration-sso-process-idp-init

Note that the unsolicited flow is not on the Mujina roadmap, so you are kind of on your own for implementing this. However, I will accept a merge request if it is backward compatible.
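A sketch of the logic such an endpoint needs, added here as an illustration and not taken from Mujina or from the reply above: the query parameter only names an SP, the ACS URL is looked up in a registry, and the Response carries no InResponseTo. All class, method and parameter names, the entity IDs and the URLs are assumptions; signing and the Spring wiring are left out.

```java
import java.time.Instant;
import java.util.Map;
import java.util.UUID;

// Added illustration: all names are hypothetical, not Mujina's API; signing is omitted.
public class UnsolicitedSsoSketch {
    // Constructed registry: SP entityID -> registered AssertionConsumerService URL.
    static final Map<String, String> REGISTERED_SPS =
            Map.of("https://sp.example.org/metadata", "https://sp.example.org/saml/SSO");
    // The ACS URL comes from the registry only, never from the request itself.
    static String resolveAcs(String spEntityId) {
        if (spEntityId == null || !REGISTERED_SPS.containsKey(spEntityId))
            throw new IllegalArgumentException("unknown SP entityID");
        return REGISTERED_SPS.get(spEntityId);
    }
    static String esc(String s) { // minimal XML escaping for inserted values
        return s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;").replace("\"", "&quot;");
    }
    // Unsolicited Response: no InResponseTo attribute; Destination/Recipient bind it to the
    // registered ACS URL and Audience to the SP, with a five-minute validity window.
    static String buildUnsolicitedResponse(String idpEntityId, String spParam, String nameId) {
        String acs = esc(resolveAcs(spParam));
        Instant now = Instant.now();
        Instant exp = now.plusSeconds(300);
        return """
            <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="_%s" Version="2.0" IssueInstant="%s" Destination="%s">
              <saml:Issuer>%s</saml:Issuer>
              <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
              <saml:Assertion ID="_%s" Version="2.0" IssueInstant="%s">
                <saml:Issuer>%s</saml:Issuer>
                <saml:Subject><saml:NameID>%s</saml:NameID>
                  <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                    <saml:SubjectConfirmationData NotOnOrAfter="%s" Recipient="%s"/>
                  </saml:SubjectConfirmation></saml:Subject>
                <saml:Conditions NotBefore="%s" NotOnOrAfter="%s">
                  <saml:AudienceRestriction><saml:Audience>%s</saml:Audience></saml:AudienceRestriction>
                </saml:Conditions>
                <saml:AuthnStatement AuthnInstant="%s"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement>
              </saml:Assertion>
            </samlp:Response>
            """.formatted(UUID.randomUUID(), now, acs, esc(idpEntityId), UUID.randomUUID(), now,
                esc(idpEntityId), esc(nameId), exp, acs, now, exp, esc(spParam), now);
    }
    public static void main(String[] args) {
        System.out.println(buildUnsolicitedResponse(
            "https://idp.example.org/metadata", "https://sp.example.org/metadata", "alice"));
    }
}
```

Because there is no request ID for the SP to match against, the Destination, Recipient, Audience and expiry values, together with the signature this sketch omits, are what the SP has left to check.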

Thanks!

@Itachi-Uchiha78 Did you ever implement the IdP initiated flow?

Thanks