Questions tagged [saml]

13 questions
4 votes, 0 answers

How to implement SAML Authentication SPA and REST Backend

Developing a SPA (with VueJS) that is talking to our own REST API backend (separate server). Normal authentication flow in the SPA: User credentials after submission are sent to the backend and if authentication is successful a token is returned…
Matt
4 votes, 2 answers

Integration with multiple SSO's

Currently, we had a web app that integrated with SSO through the Open-Id protocol. Then we got another client that had its own SSO and needed us to integrate with their SSO through the SAML protocol so their employees can authenticate and use our site, then…
Nabawoka
3 votes, 3 answers

Moving between sites using SAML

I'm tasked with developing an SSO system, and was guided towards using the SAML spec. After some research I think I understand the interaction between a Service Provider and an ID Provider and how a user's identity is confirmed. But what happens when…
System Down
3 votes, 2 answers

For ASP.NET Programmers: Does the executable 'dcpromo' have any significance?

Dcpromo.exe is famous among MCSEs for being the only way to create a Windows Domain Controller (in other words an Active Directory Domain) ... which in turn is often used by the ASP.NET Membership system. I'm trying to determine if I should put…
makerofthings7
2 votes, 1 answer

Why do we need to validate the SAML Response that came from IdP? (unless you are using http)

I came across several cases where people are validating the SAML response (verifying the signatures in the XML using the IdP's public key). But why do we need to do that? (unless HTTP is being used) This might be a dumb question, but Google is not…
2 votes, 2 answers

How to secure web services when authentication is done at client side (frontend)

I have a web application whose structure is as follows: webapi: Django web services [NOT REST], no security implemented; frontend: Angular2, authentication implemented via SAML; database: MongoDB. Can you please suggest the best way to secure webapi, as…
sachin27
2 votes, 1 answer

Should an Identity Provider be a separate web application than an Authentication system

I'm currently writing a SAML Identity Provider (IdP) to enable SSO and one of the easy ways to go about it is to use Shibboleth Identity Provider, which is a ready deployable web application on its own. We also have an in-house authentication system…
noob Mama
2 votes, 3 answers

What product is better: ADFSv2, Ping Identity, CS Siteminder?

I'm comparing different STS's for claims based authentication and am trying when it's appropriate to use each one. It appears that ADFSv2 should be used in all Windows Environments. Ping and Siteminder are more for the Unix side... although a…
makerofthings7
1 vote, 0 answers

How to integrate multiple services via API's into a single dashboard on a per-user basis with SSO?

So my project is that I'd like to pull data from a bunch of different services/APIs and show them in a single dashboard. SSO is a requirement so I want to make sure the user doesn't have to put in their password over and over. The system already…
fjlksahfob
1 vote, 0 answers

Single Sign On implementation for CMS

This is a general question seeking guidance for the best practice(s) on implementing a Single Sign On (SSO) across many various installations of the same application. The hypothetical example I would like to pose - imagine you have 200 WordPress…
sudoyum
0 votes, 1 answer

Best way to store Session token on mobile App

Background: Building a mobile app for product X, which is currently hosted as a SaaS solution. Product X does not support OAuth currently, implements basic authentication and generates a session token after authentication. Product X also implements…
anuragal
0 votes, 0 answers

Is it a good practice to store session in two different places?

I have a use case like this and I am wondering if this solution is a good practice or not. Say I have a website called dashboard.com and this is only for the US region. When users log in here, I am storing their session in a USRedis instance. However…
0 votes, 1 answer

What should be specified in the Saml AuthnRequest Issuer element

While generating the SamlRequest XML, what should the Issuer element be specified with? In the SAML docs (https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf), Issuer was not mentioned anywhere under the AuthnRequest section. But, if…
user136627