Configuring ADFS 3.0 / SAML 2.0 to work with Spring Security for SSO integration
Problem description
I followed chapter 12.0 instructions about using Spring with ADFS as IdP from here: http://docs.spring.io/spring-security-saml/docs/1.0.x-SNAPSHOT/reference/pdf/spring-security-saml-reference.pdf
But I have an exception when I test the SSO:
org.opensaml.common.SAMLException: NameID element must be present as part of the Subject in the Response message, please enable it in the IDP configuration
I added the rule NameID as described in the document. We use ADFS 3.0 on a server and Tomcat on another Linux server, but I don't think it has an impact on this... I can't find a way to resolve it, does someone (@vschafer?) have a suggestion?
Thanks in advance!
Solution
Finally found the solution: I had to set Rule Type as "Pass through or filter an incoming claim" because our ADFS server uses other claim providers.
More info: http://technet.microsoft.com/en-us/library/dd807060(v=ws.10).aspx
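To confirm what ADFS actually puts in the Subject before and after changing the claim rule, the following added example (not part of the original question or answer) inspects a SAML response captured from the browser's POST to the service provider. The function names and the sample response are constructed for illustration; it assumes an unencrypted assertion and does not verify the signature, so it is a debugging aid only.

```python
import base64
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"saml": SAML}

def decode_post_binding(saml_response_b64):
    """HTTP-POST binding: the SAMLResponse form field is base64-encoded XML."""
    return base64.b64decode(saml_response_b64).decode("utf-8")

def inspect_subjects(response_xml):
    """Return one dict per Assertion: Subject identifier and issued claim names."""
    # A SAML message never needs a DTD; refuse it rather than parse it.
    if "<!DOCTYPE" in response_xml or "<!ENTITY" in response_xml:
        raise ValueError("DTD or entity declaration in SAML message")
    root = ET.fromstring(response_xml)
    findings = []
    for assertion in root.iter(f"{{{SAML}}}Assertion"):
        name_id = assertion.find("saml:Subject/saml:NameID", NS)
        encrypted_id = assertion.find("saml:Subject/saml:EncryptedID", NS)
        findings.append({
            "issuer": assertion.findtext("saml:Issuer", default="", namespaces=NS),
            "name_id": name_id.text if name_id is not None else None,
            "name_id_format": name_id.get("Format") if name_id is not None else None,
            "encrypted_id": encrypted_id is not None,
            # Claims that did get issued; shows which rules fired.
            "attributes": [a.get("Name") for a in assertion.iter(f"{{{SAML}}}Attribute")],
        })
    return findings

def sample_response(subject_inner):
    # Constructed, trimmed sample (not a captured ADFS response); values are placeholders.
    return (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        f'xmlns:saml="{SAML}"><saml:Assertion>'
        '<saml:Issuer>http://adfs.example.test/adfs/services/trust</saml:Issuer>'
        f'<saml:Subject>{subject_inner}</saml:Subject><saml:AttributeStatement>'
        '<saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn">'
        '<saml:AttributeValue>alice@example.test</saml:AttributeValue>'
        '</saml:Attribute></saml:AttributeStatement></saml:Assertion></samlp:Response>'
    )

MISSING = sample_response('<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/>')
PRESENT = sample_response(
    '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">alice</saml:NameID>')

if __name__ == "__main__":
    for label, xml in (("before", MISSING), ("after", PRESENT)):
        print(label, inspect_subjects(xml))
```

A `name_id` of `None` alongside a non-empty `attributes` list matches the situation in the question: other claims are issued, but no rule emits the NameID into the Subject.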