3:20 p.m.
Hi all,
We are trying to integrate with an SP which sends Subject/NameID in the
Saml Request (copying example below). I have couple of questions in this
regard
1. In our custom authenticator, we want to access this NameId and want
to pre-fill username field based on this. Can you please guide me how can I
do that.
2. Secondly, I am currently using KeyCloak JBoss Adapter for my sample
SP, does the SAML Adapter supports sending nameId in SAML request?
<samlp:AuthnRequest Destination="https://idp.com/
idp/profile/SAML2/Redirect/SSO" Version="2.0"
IssueInstant="2016-02-24T15:
45:55.325Z"
ID="ID112bf5b0e4169930b663f2d89e62c521fc2f1b8133598fa2ff"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://
pingone.com/xxx/640d3755-e080-4a87-8f7f-91795e78c08d</saml:Issuer>
<saml:Subject xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:NameID
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">
jdoe@mysecureauthentication.com</saml:NameID>
</saml:Subject>
</samlp:AuthnRequest>
Regards,
Muein
10:29 a.m.
Hi all,
Any pointers to this? I was looking at the SAMLAuthNRequestParser class and
it seems we are parsing the subject from the incoming request. Now the
question is how can I access it in my custom authenticator?
else if (JBossSAMLConstants.SUBJECT.get().equals(elementName)) {
authnRequest.setSubject(getSubject(xmlEventReader));
}
Regards,
Muein
On Fri, Sep 9, 2016 at 3:20 PM, Muein Muzamil <
shmuein+keycloak-dev(a)gmail.com> wrote:
Hi all,
We are trying to integrate with an SP which sends Subject/NameID in the
Saml Request (copying example below). I have couple of questions in this
regard
1. In our custom authenticator, we want to access this NameId and want
to pre-fill username field based on this. Can you please guide me how can I
do that.
2. Secondly, I am currently using KeyCloak JBoss Adapter for my sample
SP, does the SAML Adapter supports sending nameId in SAML request?
<samlp:AuthnRequest Destination="https://idp.com/i
dp/profile/SAML2/Redirect/SSO" Version="2.0"
IssueInstant="2016-02-24T15:45:55.325Z"
ID="ID112bf5b0e4169930b663f2d89e62c521fc2f1b8133598fa2ff"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://pi
ngone.com/xxx/640d3755-e080-4a87-8f7f-91795e78c08d</saml:Issuer>
<saml:Subject xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecifie
d">jdoe@mysecureauthentication.com</saml:NameID>
</saml:Subject>
</samlp:AuthnRequest>
Regards,
Muein
10:05 a.m.
Hi all,
Not sure if my question was clear enough, feel free to ask for
clarifications if needed.
I will really appreciate some response on this.
Best regards,
Muein
On Tue, Sep 13, 2016 at 10:29 AM, Muein Muzamil <
shmuein+keycloak-dev(a)gmail.com> wrote:
Hi all,
Any pointers to this? I was looking at the SAMLAuthNRequestParser class
and it seems we are parsing the subject from the incoming request. Now the
question is how can I access it in my custom authenticator?
else if (JBossSAMLConstants.SUBJECT.get().equals(elementName)) {
authnRequest.setSubject(getSubject(xmlEventReader));
}
Regards,
Muein
On Fri, Sep 9, 2016 at 3:20 PM, Muein Muzamil <shmuein+keycloak-dev@gmail.
com> wrote:
> Hi all,
>
> We are trying to integrate with an SP which sends Subject/NameID in the
> Saml Request (copying example below). I have couple of questions in this
> regard
>
>
> 1. In our custom authenticator, we want to access this NameId and
> want to pre-fill username field based on this. Can you please guide me how
> can I do that.
> 2. Secondly, I am currently using KeyCloak JBoss Adapter for my
> sample SP, does the SAML Adapter supports sending nameId in SAML request?
>
> <samlp:AuthnRequest Destination="https://idp.com/i
> dp/profile/SAML2/Redirect/SSO" Version="2.0"
> IssueInstant="2016-02-24T15:45:55.325Z"
> ID="ID112bf5b0e4169930b663f2d89e62c521fc2f1b8133598fa2ff"
> xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
>
> <saml:Issuer
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://pi
> ngone.com/xxx/640d3755-e080-4a87-8f7f-91795e78c08d</saml:Issuer>
> <saml:Subject xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
> <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecifie
> d">jdoe@mysecureauthentication.com</saml:NameID>
> </saml:Subject>
> </samlp:AuthnRequest>
>
>
> Regards,
> Muein
>
7:22 p.m.
Hi all,
This is a feature we need for some SP integrations, so if we don't support
this feature that is ok. We can probably implement this and generate a pull
request for this. But can someone please share some feedback how this
should be implemented.
Thanks in advance for your feedback on this.
Regards,
Muein
On Thu, Sep 15, 2016 at 10:05 AM, Muein Muzamil <
shmuein+keycloak-dev(a)gmail.com> wrote:
Hi all,
Not sure if my question was clear enough, feel free to ask for
clarifications if needed.
I will really appreciate some response on this.
Best regards,
Muein
On Tue, Sep 13, 2016 at 10:29 AM, Muein Muzamil <
shmuein+keycloak-dev(a)gmail.com> wrote:
> Hi all,
>
> Any pointers to this? I was looking at the SAMLAuthNRequestParser class
> and it seems we are parsing the subject from the incoming request. Now the
> question is how can I access it in my custom authenticator?
>
> else if (JBossSAMLConstants.SUBJECT.get().equals(elementName)) {
> authnRequest.setSubject(getSubject(xmlEventReader));
> }
>
> Regards,
> Muein
>
> On Fri, Sep 9, 2016 at 3:20 PM, Muein Muzamil <
> shmuein+keycloak-dev(a)gmail.com> wrote:
>
>> Hi all,
>>
>> We are trying to integrate with an SP which sends Subject/NameID in the
>> Saml Request (copying example below). I have couple of questions in this
>> regard
>>
>>
>> 1. In our custom authenticator, we want to access this NameId and
>> want to pre-fill username field based on this. Can you please guide me how
>> can I do that.
>> 2. Secondly, I am currently using KeyCloak JBoss Adapter for my
>> sample SP, does the SAML Adapter supports sending nameId in SAML request?
>>
>> <samlp:AuthnRequest Destination="https://idp.com/i
>> dp/profile/SAML2/Redirect/SSO" Version="2.0"
>> IssueInstant="2016-02-24T15:45:55.325Z"
>> ID="ID112bf5b0e4169930b663f2d89e62c521fc2f1b8133598fa2ff"
>> xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
>>
>> <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
>> http://pingone.com/xxx/640d3755-e080-4a87-8f7f-91795e78c08d</saml:Iss
>> uer>
>> <saml:Subject
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
>> <saml:NameID Format="urn:oasis:names:tc:SAM
>> L:1.1:nameid-format:unspecified">jdoe@mysecureauthentication.com
>> </saml:NameID>
>> </saml:Subject>
>> </samlp:AuthnRequest>
>>
>>
>> Regards,
>> Muein
>>
>
>
8:31 p.m.
Just to add to my previous email, I looked into the code and came across
SAMlService::loginRequest method where we are setting different SAML
parameters into client session. So we can imagine setting NameID also in
the session notes at that point. If this change makes sense then do let me
know and I can modify the code and can generate the pull request. Or if you
would like to do this yourself, even then this is fine with me :).
Regards,
Muein
On Wed, Sep 21, 2016 at 7:22 PM, Muein Muzamil <
shmuein+keycloak-dev(a)gmail.com> wrote:
Hi all,
This is a feature we need for some SP integrations, so if we don't support
this feature that is ok. We can probably implement this and generate a pull
request for this. But can someone please share some feedback how this
should be implemented.
Thanks in advance for your feedback on this.
Regards,
Muein
On Thu, Sep 15, 2016 at 10:05 AM, Muein Muzamil <
shmuein+keycloak-dev(a)gmail.com> wrote:
> Hi all,
>
> Not sure if my question was clear enough, feel free to ask for
> clarifications if needed.
>
> I will really appreciate some response on this.
>
> Best regards,
> Muein
>
> On Tue, Sep 13, 2016 at 10:29 AM, Muein Muzamil <
> shmuein+keycloak-dev(a)gmail.com> wrote:
>
>> Hi all,
>>
>> Any pointers to this? I was looking at the SAMLAuthNRequestParser class
>> and it seems we are parsing the subject from the incoming request. Now the
>> question is how can I access it in my custom authenticator?
>>
>> else if (JBossSAMLConstants.SUBJECT.get().equals(elementName)) {
>> authnRequest.setSubject(getSubject(xmlEventReader));
>> }
>>
>> Regards,
>> Muein
>>
>> On Fri, Sep 9, 2016 at 3:20 PM, Muein Muzamil <
>> shmuein+keycloak-dev(a)gmail.com> wrote:
>>
>>> Hi all,
>>>
>>> We are trying to integrate with an SP which sends Subject/NameID in the
>>> Saml Request (copying example below). I have couple of questions in this
>>> regard
>>>
>>>
>>> 1. In our custom authenticator, we want to access this NameId and
>>> want to pre-fill username field based on this. Can you please guide me
how
>>> can I do that.
>>> 2. Secondly, I am currently using KeyCloak JBoss Adapter for my
>>> sample SP, does the SAML Adapter supports sending nameId in SAML request?
>>>
>>> <samlp:AuthnRequest Destination="https://idp.com/i
>>> dp/profile/SAML2/Redirect/SSO" Version="2.0"
>>> IssueInstant="2016-02-24T15:45:55.325Z"
>>> ID="ID112bf5b0e4169930b663f2d89e62c521fc2f1b8133598fa2ff"
>>> xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
>>>
>>> <saml:Issuer
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
>>> http://pingone.com/xxx/640d3755-e080-4a87-8f7f-91795e78c08d</saml:Iss
>>> uer>
>>> <saml:Subject
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
>>> <saml:NameID Format="urn:oasis:names:tc:SAM
>>> L:1.1:nameid-format:unspecified">jdoe@mysecureauthentication.com
>>> </saml:NameID>
>>> </saml:Subject>
>>> </samlp:AuthnRequest>
>>>
>>>
>>> Regards,
>>> Muein
>>>
>>
>>
>
3480
days inactive
3493
days old
4 comments
1 participants
participants (1)
-
Muein Muzamil