Hi All,
I am new to SAML authentication. I would like to understand the steps involved in setting up only SP initiated SSO in AEM 6.4 using SAML authentication.
Kindly assist.
Thanks!!
Soumyadip Dutta
Dear Soumyadip Dutta,
Have a look at the two documents below; they provide a pretty good overview of the steps required:
Demonstration of AEM and SAML integration and Demonstration of AEM and SAML integration
Regards,
Peter
Also see this article - Integrating SAML with Adobe Experience Manager
In addition -- this GEMS session will help you -- Adobe Experience Manager Help | Utilizing SAML in Adobe Experience Manager deployments
Hi smacdonald2008 / PuzanovsP,
Thanks for the quick response.
Below is my metadatadata.xml, which we have received from the IDP (WEBSSO):
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<EntityDescriptor entityID="https://www.websso.db.com/IDP" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
  <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>***</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </KeyDescriptor>
    <KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>***</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc">
        <xenc:KeySize xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">128</xenc:KeySize>
      </EncryptionMethod>
    </KeyDescriptor>
    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</NameIDFormat>
    <!--<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://integration.websso.bridge.ies.gto.intranet.db.com/webssoIDP/SAMLProcessor"/>-->
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://integration.websso.bridge.ies.gto.intranet.db.com/webssoIDP/SAMLCatcher"/>
  </IDPSSODescriptor>
</EntityDescriptor>
We are getting the below error while logging in:
And in our application, we have configured the SAML 2.0 authentication handler as:
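An added example, not part of the original thread or of AEM: a small Python check that reads IdP metadata of the shape posted above and reports the values a service provider needs for SP-initiated SSO. The sample document, the host `idp.example.test` and the function names `summarize_idp_metadata` and `findings` are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata", "ds": "http://www.w3.org/2000/09/xmldsig#"}
BINDINGS = "urn:oasis:names:tc:SAML:2.0:bindings:"

# Constructed sample shaped like the metadata in the thread; idp.example.test is a
# placeholder host and the certificate body stays redacted as "***".
SAMPLE = """<EntityDescriptor entityID="https://idp.example.test/IDP" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
 <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="signing"><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:X509Data>
   <ds:X509Certificate>***</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>
  <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
  <!--<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.test/SAMLProcessor"/>-->
  <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.example.test/SAMLCatcher"/>
 </IDPSSODescriptor>
</EntityDescriptor>"""

def summarize_idp_metadata(xml_text):
    """Extract the IdP values an SP needs for SP-initiated SSO."""
    # ElementTree drops XML comments, so a commented-out endpoint is not reported.
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor in metadata")
    sso = {e.get("Binding", "").replace(BINDINGS, ""): e.get("Location")
           for e in idp.findall("md:SingleSignOnService", NS)}
    # A KeyDescriptor without a "use" attribute serves both signing and encryption.
    signing = ["".join(kd.findtext("ds:KeyInfo/ds:X509Data/ds:X509Certificate", "", NS).split())
               for kd in idp.findall("md:KeyDescriptor", NS)
               if kd.get("use") in (None, "signing")]
    return {
        "entity_id": root.get("entityID"),
        "authn_requests_must_be_signed": idp.get("WantAuthnRequestsSigned", "false") in ("true", "1"),
        "sso_endpoints": sso,
        "signing_cert_present": any(c.strip("*") for c in signing),
        "name_id_formats": [(n.text or "").strip() for n in idp.findall("md:NameIDFormat", NS)],
    }

def findings(summary):
    """Return configuration points to settle before testing a login."""
    out = []
    if not summary["signing_cert_present"]:
        out.append("signing certificate missing or redacted; IdP signatures cannot be verified")
    if not summary["sso_endpoints"]:
        out.append("no SingleSignOnService endpoint; SP-initiated SSO has no destination")
    elif "HTTP-Redirect" not in summary["sso_endpoints"]:
        out.append("no HTTP-Redirect SSO endpoint; send the AuthnRequest with the HTTP-POST binding")
    return out
```

The parser does not verify a signature on the metadata itself, so the file should come from the IdP over a trusted channel.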