Initiated Idp-SSO example

Question

Initiated Idp-SSO example

Itachi-Uchiha78 opened this issue 6 years ago · comments

Hi,

I'm trying to do a post SSO from IDP in the Initiated IDP SSO scenario.
It seems isn't supported yet.
Can't find the right approach to implement it, can u put in the right direction?
thanks!

Itachi-Uchiha78 commented 6 years ago

Thanks!

Okke Harsta · Answer 1 · Sat Feb 10 2018 16:12:42 GMT+0800 (China Standard Time)

The unsolicited response flow - e.g. IDP-initialized SSO - is indeed not implemented. You're starting point should be a new Endpoint similar to:

https://github.com/OpenConext/Mujina/blob/master/mujina-idp/src/main/java/mujina/idp/SsoController.java#L42

but with extra query / path parameters to indicate which SP should be targeted after a successful login. The underlying Spring SAML security in Mujina SP already supports this. See:

https://docs.spring.io/autorepo/docs/spring-security-saml/1.0.x/reference/html/configuration-sso.html#configuration-sso-process-idp-init

Note that the unsolicited flow is not on the Mujina roadmap, so you are kind of on your own for implementing this. However I will accept a merge request if it is backward compatible.

Philip Gladstone · Answer 2 · Fri May 11 2018 03:35:46 GMT+0800 (China Standard Time)

@Itachi-Uchiha78 Did you ever implement the IdP initiated flow?

Thanks