Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
SAML2 IdP 1.0
- This page describes the Higgins 1.0 SAML2 IdP Solution
- See SAML2 IdP 1.1 for the version currently under development
The Higgins SAML2 IdP supports the SP-initiated SSO profile defined by SAML 2.0 specifications. Two parties are involved in this profile: A service provider (relying party, SP), and an identity provider (IdP). The SP offers protected services and relies on the IdP to authenticate users.
See SAML2 IdP Overview 1.0 for a detailed description of the SAML2 IdP solution's functionality.
An instance of the SAML2 IdP is deployed at https://graceland.parityinc.net/saml2idp-test/.
The SAML2 IdP allows users to sign in to SPs (relying parties) using their credentials at some IdP.
The end user does not have to set up anything. The process is triggered by the end user trying to sign in at a SP.
See SAML2 IdP Deployment 1.0 for a detailed description of how to download and deploy the SAML2 IdP.
See SAML2 IdP Development 1.0 for a detailed description of how to set up your development environment for the SAML2 IdP solution.
The SAML2 IdP solution consists of two web applications (the actual IdP, and an example SP). They support the SP-initiated SAML 2.0 SSO profile:
See http://www.oasis-open.org/committees/security/ for more details about the SAML 2.0 protocol.
The Higgins components used by this solution are:
The two web applications that constitute the SAML2 IdP are:
These projects, as well as their dependencies, can be checked out from the Eclipse repository at the following SVN URI:
- SAML2 and STS Convergence covers ideas on how to integrate the SAML2 IdP Solution with the Higgins STS component.