Expand my Community achievements bar.

Radically easy to access on brand approved content for distribution and omnichannel performant delivery. AEM Assets Content Hub and Dynamic Media with OpenAPI capabilities is now GA.
Learn More

SP Initiated SSO integration in AEM 6.4 with SAML 2.0 Authentication

Avatar

Level 2
Level 2
9/26/18 9:29:01 PM

Hi All,

I am new to SAML authentication. I would like to understand the steps involved in setting up only SP initiated SSO in AEM 6.4 using SAML authentication.

Kindly assist.

Thanks!!
Soumyadip Dutta

Views

1.6K

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
3 Replies

Avatar

Community Advisor
Community Advisor
9/27/18 5:14:32 AM

Dear Soumyadip Dutta,

Have at look two documents below, they provide pretty good overview of steps required:

Demonstration of AEM and SAML integration  and Demonstration of AEM and SAML integration

Regards,

Peter

Views

1.2K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
9/28/18 12:23:43 AM

Hi smacdonald2008​ / PuzanovsP​,

Thanks for the quick response.

Below is my metadatadata.xml which we have received from IDP ( WEBSSO ) :

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<EntityDescriptor entityID="https://www.websso.db.com/IDP" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">

    <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">

        <KeyDescriptor use="signing">

            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

                <ds:X509Data>

                    <ds:X509Certificate>***</ds:X509Certificate>

                </ds:X509Data>

            </ds:KeyInfo>

        </KeyDescriptor>

        <KeyDescriptor use="encryption">

            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

                <ds:X509Data>

                    <ds:X509Certificate>***</ds:X509Certificate>

                </ds:X509Data>

            </ds:KeyInfo>

<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc">

                <xenc:KeySize xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">128</xenc:KeySize>

</EncryptionMethod>

        </KeyDescriptor>

<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>

        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>

        <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>

        <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>

        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</NameIDFormat>

        <!--<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://integration.websso.bridge.ies.gto.intranet.db.com/webssoIDP/SAMLProcessor"/>-->

        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://integration.websso.bridge.ies.gto.intranet.db.com/webssoIDP/SAMLCatcher"/>

    </IDPSSODescriptor>

</EntityDescriptor>

We are getting the below error while login :

And in our application, we have configured the SAML 2.0 authentication handler  as :

1581256_pastedImage_3.png

Views

1.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
[AEM Gems | 31st July 2024] Integrating Private GitHub Repositories in AEM Cloud Manager

Views

350

Likes

0

Replies

2
Register today: Master AEM Performance with Lighthouse: Expert Tips for Top Scores Webinar

Views

70

Like

1

Replies

0
Register for the AEM Skill Exchange on August 14, 2024

Views

74

Likes

2

Replies

0
How de we create interface between Adobe AEM and AWS KMS

Views

97

Likes

0

Replies

3
Issue with package installation when AEM project is added as maven dependency in other AEM project - AEM as CloudService

Views

212

Likes

0

Replies

4