SAML2 在表单中提交 XML SAMLRequest 值 [英] SAML2 Submitting XML SAMLRequest value in a form
问题描述
我正在尝试使用 SAML 验证用户登录.我有一个简单的 HTML 表单.
I'm trying to authenticate user logon with SAML. I have a simple HTML form.
<form method="post" action="https://abcd/login">
<input type="hidden" name="SAMLRequest" value="request" />
<input type="hidden" name="RelayState" value="token" />
<input type="submit" value="Submit" />
</form>
我很困惑如何仅使用 javascriptSAMLRequest 发送 XML 的 base64 编码代码>.如果有人能指出正确的方向或链接到演示,那将是一个巨大的帮助.
I'm confused about how I can send the base64 encoding of the XML for the SAMLRequest with just javascript. It would be a huge help if someone could point me in the right direction or link to a demo.
推荐答案
这取决于您使用的 SAML2 配置文件.假设您使用的是 Web 浏览器 SSO (WBSSO),这一切都是通过 POSTing 自动将浏览器发送到 URL 来完成的.用户访问您的应用程序,您创建 SAMLRequest 和 RelayState 并自动将表单发布到 IdP.IdP 对用户进行身份验证(您不关心这部分),然后使用包含身份验证信息和属性的 base64 SAMLReponse 自动将浏览器重定向回您的断言消费者服务 (ACS) URL.此处对 SP 启动流程进行了简单概述.
It depends what SAML2 profile you are using. Assuming you're using Web Browser SSO (WBSSO) it's all done via automatically sending the browser to URLs via POSTing. The user accesses your application and you create the SAMLRequest and RelayState and automatically POST the form to the IdP. The IdP authenticates the user (you don't care about this part) and then automatically redirects the browser back to your Assertion Consumer Service (ACS) URL with a base64 SAMLReponse containing the authentication information and attributes. There's a simple overview of the SP initiated process here.
这是我的做法:
<html>
<body Onload="document.forms[0].submit()">
<form method="POST" action="<%= request.getAttribute("wbsso_endpoint") %>">
<input type="hidden" name="SAMLRequest" value="<%= request.getAttribute("SAMLRequest") %>">
<% if (request.getAttribute("RelayState") != null) { %>
<input type="hidden" name="RelayState" value="<%= request.getAttribute("RelayState") %>">
<% } %>
</form>
</body>
</html>
这篇关于SAML2 在表单中提交 XML SAMLRequest 值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
