Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Prerequisite

AUTH Provider

  1. Azure team will be set up SAML IDP configurations

  2. Configuring SAML Single Sign-On (SSO)

    1. Basic SAML Configuration’ section

    2. Configure the User Attribute & Claims section and Adding custom roles

    3. SAML-based Sign-on configuration

    4. Setup API4Saml

    5. Test SSO via azure

  3. After that, we will below Info (below info it is Just sample credentials)

    1. Azure Enterprise Application name: APIM4SAML

    2. Identifier (Entity ID): wso2apimv400

    3. Tenant ID “

    4. SAML Single Sign-on Service URL: https://login.microsoftonline.com/a74f37bd-de4d-4eb1-954d-445a2ca2a6e8/saml2

    5. SAML Entity ID: https://sts.windows.net/a74f37bd-de4d-4eb1-954d-445a2ca2a6e8/

    6. Sign-Out URL: https://login.microsoftonline.com/a74f37bd-de4d-4eb1-954d-445a2ca2a6e8/saml2

    7. SAML signing certificate: APIM4SAML.cer(Base64 encoded certificate)

    8. Alias: ps-ad

Each Application Side

  1. Set Saml properties

    1. Needed To Update below details As per your credentials

      1. Related to SAML

    2. spring.security.saml2.serviceProvider.alias=ps-ad
spring.security.saml2.serviceProvider.entityId=spn:a74f37bd-de4d-4eb1-954d-445a2ca2a6e8
spring.security.saml2.serviceProvider.providers[0].alias=ps-ad
spring.security.saml2.serviceProvider.providers[0].metadata=https://login.microsoftonline.com/d52c9ea1-7c21-47b1-82a3-33a74b1f74b8/federationmetadata/2007-06/federationmetadata.xml?appid=ca57b740-23eb-462b-bc9d-4ebd4d3bb4a5

      1. Related to Application

        auth.baseUrl=
auth.holdingEntityId=spn:a74f37bd-de4d-4eb1-954d-445a2ca2a6e8
auth.assertingEntityId=https://sts.windows.net/d52c9ea1-7c21-47b1-82a3-33a74b1f74b8/

    3. Only needed to set fields.

    4. spring.security.saml2.serviceProvider.signMetadata=false
spring.security.saml2.serviceProvider.signRequests=false
spring.security.saml2.serviceProvider.encryptAssertions=false
spring.security.saml2.serviceProvider.singleLogoutEnabled=true
spring.security.saml2.serviceProvider.wantAssertionsSigned=true
spring.security.saml2.serviceProvider.basePath=${auth.baseUrl}${server.servlet.context-path}
spring.security.saml2.serviceProvider.nameIds=urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
spring.security.saml2.serviceProvider.keys.active.name=sp-signing-key-1
spring.security.saml2.serviceProvider.providers[0].skipSslValidation=true
spring.security.saml2.serviceProvider.providers[0].authenticationRequestBinding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST

  2. Add SAML Dependency

  3. Request For SAML validate of each User

  4. Parse Saml XML response

  5. Save Required Details in DB

  • No labels

© 2022 Publicis Sapient. All rights reserved.