Provide more information about creating the service
Hello, I'm confused by the whole setup.
What do I want? I want a user from my application to connect to an ADFS via SAML2:
What I've done so far:
- I have an ADDS and an ADFS working properly.
- I added the relying party trust and the callback URL on the ADFS.
So, what I understand so far is that my ADFS will be the Identity provider? And my application will be the Service Provider?
```js
// For now, I fetch https://<adfs>/FederationMetadata/2007-06/FederationMetadata.xml
const idp = saml.IdentityProvider({
  metadata,
}); // I believe the package will do the job in order to set up the IdP correctly, am I right?
```
What I'm missing is the configuration for the service provider?
```js
const sp = saml.ServiceProvider({
  dataEncryptionAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
  requestSignatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
  metadata, // using the same metadata object from the ADFS - I don't know for now what I should put in there
});
const url = sp.createLoginRequest(idp, 'redirect'); // this creates a request that won't be accepted by our ADFS.
```
On the ADFS
An error appears each time I send a SAML request, saying that:
What metadata am I supposed to provide for my SP? And which certificate or private key am I supposed to give in order to make it work?
I'm still confused about how this works, if someone can help me. 😞
Issue Analytics
- State:
- Created 6 years ago
- Comments:8 (4 by maintainers)
Top GitHub Comments
@rolljee
> So, what I understand so far is that my ADFS will be the Identity provider? And my application will be the Service Provider?

Answer is yes.
From my understanding, you are trying to do SP-initiated SSO, right?
For your configuration of the service provider, you can use this online tool to build your metadata.
There are a lot of options to make the service work. Feel free to send your message to passify.io@gmail.com if you don't want to expose the business secret here, using this PGP key for email encryption if you want.
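Added example, not part of the thread or of the package's own code: a dependency-free sketch of the metadata the application would publish as its own service provider description, instead of reusing the ADFS federation metadata as in the question. The entity ID, ACS URL, certificate body and IdP identifier are constructed placeholders, the function names are hypothetical, and signed requests and assertions are assumed.

```javascript
// Added example: builds metadata for the application acting as SAML service provider.
// Assumes signed AuthnRequests and signed assertions; all sample values are constructed.
const MD_NS = 'urn:oasis:names:tc:SAML:2.0:metadata';
const POST_BINDING = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST';

// Escape the characters that are unsafe inside an XML attribute value.
function xmlAttr(value) {
  return String(value).replace(/[&<>"']/g, (c) => (
    { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&apos;' }[c]));
}

// Strip PEM armor and whitespace; metadata carries only the base64 body.
function certBody(pem) {
  const body = String(pem).replace(/-----(BEGIN|END) CERTIFICATE-----/g, '').replace(/\s+/g, '');
  if (!/^[A-Za-z0-9+/]+={0,2}$/.test(body)) throw new Error('certificate is not valid PEM/base64');
  return body;
}

function buildSpMetadata({ entityID, acsUrl, signingCertPem, idpEntityID }) {
  if (!entityID) throw new Error('entityID is required');
  // The SP identifier must be the application's own, never the IdP's.
  if (entityID === idpEntityID) throw new Error('SP entityID must differ from the IdP entityID');
  if (new URL(acsUrl).protocol !== 'https:') throw new Error('ACS URL must use https');
  return [
    `<EntityDescriptor xmlns="${MD_NS}" entityID="${xmlAttr(entityID)}">`,
    '  <SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true"',
    '      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">',
    '    <KeyDescriptor use="signing">',
    '      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">',
    `        <ds:X509Data><ds:X509Certificate>${certBody(signingCertPem)}</ds:X509Certificate></ds:X509Data>`,
    '      </ds:KeyInfo>',
    '    </KeyDescriptor>',
    `    <AssertionConsumerService Binding="${POST_BINDING}" Location="${xmlAttr(acsUrl)}" index="0" isDefault="true"/>`,
    '  </SPSSODescriptor>',
    '</EntityDescriptor>',
  ].join('\n');
}

// Constructed sample input (not a real certificate, host or IdP identifier).
const spMetadata = buildSpMetadata({
  entityID: 'https://app.example.com/saml/metadata',
  acsUrl: 'https://app.example.com/saml/acs',
  signingCertPem: '-----BEGIN CERTIFICATE-----\nTUlJQ1BMQUNFSE9MREVS\n-----END CERTIFICATE-----',
  idpEntityID: 'http://adfs.example.com/adfs/services/trust',
});
console.log(spMetadata);
```

The entity ID and ACS URL in this XML are the values the relying party trust on the ADFS has to match, and the private key for the listed certificate stays in the application's configuration, never in the metadata.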
@tngan I mean redirect binding for the ADFS response, not for the request 😃
Using this piece of code, I managed to decrypt any response incoming from an ADFS redirect binding.