Hello Rodriguez,
Thanks a lot. I will try the links. Our application will act as SP and we will use the
client's Microsoft ADFS as IDP. Once the user browses the front-end (e.g.
http://localhost:5005), the SP will send the metadata to the IDP, etc. The problem is how to
initiate this.
Thanks,
Suleyman
-----Original Message-----
From: keycloak-user-bounces(a)lists.jboss.org [mailto:keycloak-user-bounces@lists.jboss.org]
On Behalf Of Luis Rodríguez Fernández
Sent: 13 April 2018 17:20
To: keycloak-user(a)lists.jboss.org
Subject: [External] Re: [keycloak-user] Keycloak IDP Brokering + Spring Boot/Angular
Hello Suleyman,
The sample [1] application of the spring-security-saml [2] worked like a charm for me for
the. I just needed to specify the metadata URL of my IdP in the
org.opensaml.saml2.metadata.provider.HTTPMetadataProvider bean of
sample/src/main/webapp/WEB-INF/securityContext.xml [3]. In my setup I was using OpenAM as
IdP.
In your case I imagine that you have to register ADFS as IdP [4], get the SP metadata [5]
and use it in your app? Or perhaps you have to register your app as a SAML client [6].
Hope it helps,
[1]
https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_spring-2D...
[2]
https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_spring-2D...
[3]
https://urldefense.proofpoint.com/v2/url?u=https-3A__docs.spring.io_sprin...
[4]
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.keycloak.org_doc...
[5]
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.keycloak.org_doc...
[6]
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.keycloak.org_doc...
2018-04-11 17:17 GMT+02:00 Yildirim, Suleyman <
suleyman.yildirim(a)accenture.com>:
Hi all,
As a novice person in security and Keycloak, I have set up Keycloak
Identity Provider to interact with ADFS using link
https://urldefense.proofpoint.com/v2/url?u=http-3A__blog.keycloak.org_201....
I wonder how we test this setting using Angular and Spring Boot. Some
details are below:
We are using Angular 1.x and Spring Boot for the project. I have
implemented SSO with OpenID Connect but the implementation part of SAML
is still confusing. There are tutorials for OpenID Connect but not for SAML.
How do we send a SAML request to an external ADFS using the IDP broker with
Spring Boot/Angular? Do I need to use Java adapters for that?
Best Regards,
Suleyman
________________________________
This message is for the designated recipient only and may contain
privileged, proprietary, or otherwise confidential information. If you
have received it in error, please notify the sender immediately and
delete the original. Any other use of the e-mail by you is prohibited.
Where allowed by local law, electronic communications with Accenture
and its affiliates, including e-mail and instant messaging (including
content), may be scanned by our systems for the purposes of
information security and assessment of internal compliance with Accenture policy. Your
privacy is important to us.
Accenture uses your personal data only in compliance with data
protection laws. For further information on how Accenture processes
your personal data, please see our privacy statement at
https://www.accenture.com/us-en/privacy-policy.
____________________________________________________________
__________________________
www.accenture.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.jboss.org_m
ailman_listinfo_keycloak-2Duser&d=DwICAg&c=eIGjsITfXP_y-DLLX0uEHXJvU8n
OHrUK8IrwNKOtkVU&r=W6co1eMBjqBh4emCmcok5fidBI1eOf715bxeMRmm3-g&m=fCPaC
rcLez8ASH62RopjIxHvKCbl3uA2fF4Yhfot86c&s=L4_zG-BD23rrfkDTTtBo0rs7aVAHk
HhVEesVkpdeNHw&e=
--
"Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better."
- Samuel Beckett