tag:blogger.com,1999:blog-11195359.post8923880737716710612..comments2023-08-18T17:53:12.377+12:00Comments on Random thoughts and collisions: ADFS : Problems with SAML and domainsnzpcmadhttp://www.blogger.com/profile/06352759009406963230noreply@blogger.comBlogger9125tag:blogger.com,1999:blog-11195359.post-65684509749462853382019-02-19T14:50:53.753+13:002019-02-19T14:50:53.753+13:00Very few people use that.
Essentially here an art...Very few people use that.<br /><br />Essentially here an artifact is returned and a back channel (usually SOAP) is used to exchange the artifact for a SAML token.<br />nzpcmadhttps://www.blogger.com/profile/06352759009406963230noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-28707849226172087272019-02-19T13:01:30.383+13:002019-02-19T13:01:30.383+13:00This is IDP initiated using artifact resolution bi...This is IDP initiated using artifact resolution binding.<br />Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-89786572190439752492019-02-19T07:01:33.457+13:002019-02-19T07:01:33.457+13:001. Yes
2. No the normal IDP flow is:
ADFS sends Au...1. Yes<br />2. No the normal IDP flow is:<br />ADFS sends AuthnRequest to IDP<br />IDP asks user to authenticate<br />IDP sends AuthnResponse with SAML token containing the claims<br />User authenticated<br /><br />Is this SP or IDP initiated?<br />Is this POST or artifact resolution binding?<br /><br /><br />nzpcmadhttps://www.blogger.com/profile/06352759009406963230noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-12896098047968921832019-02-18T15:35:56.291+13:002019-02-18T15:35:56.291+13:00Thanks very much for your response!
Not sure is m...Thanks very much for your response!<br /><br />Not sure is my question and understanding correct:<br /><br />1. In this post, is the 3rd party SAML provider as IDP and ADFS as SP? <br /><br />2. If ADFS is a SP and have a 3rd party IDP and i have flow below: <br /> a) When user authenticates on IDP <br /> b) ADFS received responses<br /> c) ADFS sends SAML artifact to IDP<br /> d) IDP responded with SAML assertion<br />Does ADFS required any customization via Code to have step b and step c to works? Or the bindings under “SAML Assertion Consumer Endpoints” is the magic to make them work?<br />Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-60459796874095457552019-02-18T07:21:31.013+13:002019-02-18T07:21:31.013+13:00Pretty much - it's a combination of GET and PO...Pretty much - it's a combination of GET and POST.<br />nzpcmadhttps://www.blogger.com/profile/06352759009406963230noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-58712616444989408302019-02-18T03:54:17.466+13:002019-02-18T03:54:17.466+13:00Hi there, i'm new to adfs and SAML. Can i unde...Hi there, i'm new to adfs and SAML. Can i understand from you how does the "POST binding" works? Does that mean ADFS will do a POST with saml request to IDP to get the user info?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-87789592954330704982015-05-30T00:20:03.506+12:002015-05-30T00:20:03.506+12:00Thanks for your article, worked for me!Thanks for your article, worked for me!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-26893350934263982012-12-21T09:33:25.166+13:002012-12-21T09:33:25.166+13:00As the article says, "Click on “Edit”, copy t...As the article says, "Click on “Edit”, copy the URL, then click on “Add”." So I just used the existing configured URL. If I recall correctly, I did it for both Post and Artifact.<br />nzpcmadhttps://www.blogger.com/profile/06352759009406963230noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-64375167636113881082012-12-20T17:30:54.737+13:002012-12-20T17:30:54.737+13:00hi there. i am getting this same error. what url...hi there. i am getting this same error. what url did you copy to create the new endpoint, and also was it for POST only or all of the options?Anonymousnoreply@blogger.com