我在Ping Federate中使用Http Form Adapter.如何从SAML响应获取用户属性? [英] I am using Http Form Adapter in Ping Federate. How to get user attributes from SAML Response?
问题描述
Http Form适配器在我的应用程序中用作身份验证服务.我尚未在身份提供者上实现任何应用程序来获取用户输入.
Http Form adapter serves as an authentication service in my application. I have not implemented any application on the Identity Provider to get user inputs.
因此,在成功进行身份验证时,SP会验证用户的签名并重定向到应用程序.在目标资源上,我收到一个开放令牌.是否仍然可以使用开放的令牌罐从OTK读取用户属性?
Therefore, on successful authentication, SP verifies the user's signature and redirects to the application. At my target Resource, I receive an open token. Is it still possible to utilize the open Token Jar to read the user attributes from OTK?
**注意:**在服务提供商中,我使用开放令牌适配器.
**Note: ** In Service Provider, I use open token Adapter.
另外,请告知我,除了使用开放令牌适配器/http表单适配器以外,是否还有其他获取用户属性的可能方法.
Also, please let me know if there is any other possible way of getting the user attributes other than using the open token adapter/http form adapter.
谢谢.
推荐答案
如果正确理解问题,则希望Web应用程序可以读取和利用这些属性.这从"SP连接"配置开始.我将假设您正在使用Active Directory,并且已经为HTML表单IdP适配器配置了该数据源以及密码凭据验证器(PCV).在SP Connection中,您将需要扩展属性协定以定义要放入SAML断言中的值,然后使用Active Directory数据源来实现属性.当PingFederate SP角色服务器收到SAML断言时,SP适配器将属性值从SAML断言映射到OpenToken.当您的应用程序收到OpenToken时,它可以读取值.
If understand the question correctly, you desire attributes to be fulfilled that the web application can read and utilize. This starts with the SP Connection configuration. I am going to assume you are using Active Directory and already configured that data source along with the Password Credential Validator (PCV) for the HTML Form IdP Adapter. In the SP Connection you will need to extend the attribute contract to define the values to put into the SAML assertion and then use the Active Directory data source to fulfill the attributes. When the SAML assertion is received by the PingFederate SP role server, the SP Adapter maps the attribute values from the SAML assertion into the OpenToken. When your application receives the OpenToken, it can read the values.
这篇关于我在Ping Federate中使用Http Form Adapter.如何从SAML响应获取用户属性?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
