SAML SOAP Binding: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 8: Line 8:
=SAML Request=
=SAML Request=


The SAML request consists in a SOAP Envelope and a SOAP Body. The SOAP Body includes a Security Token, a digital signature, generated using [[XML Signature]] and the request data.  
The SAML request consists in a SOAP Envelope and a SOAP Body. The SOAP Body includes a Security Token, a digital signature, generated using [[XML Signature]] and the request data.
 
An AuthnRequest example:
 
<pre>
<env:Envelope xmlns:env=”http://www.w3.org/2003/05/soap/envelope/”>
 
    <env:Body>
 
        <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                      ForceAuthn="true"
                      AssertionConsumerServiceURL="http://www.example.com/serviceA/"
                      AttributeConsumingServiceIndex="0"
                      ProviderName="string"
                      ID="skdfa7234"
                      Version="2.0"
                      IssueInstant="2005-06-01T01:00:00Z"
                      Destination="http://www.example.com/"
                      Consent="http://www.example.com/">
 
            <saml:Subject xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">
                    user1@example.com
                </saml:NameID>
            </saml:Subject>
        </samlp:AuthnRequest>
    </env:Body>
</env:Envelope>
</pre>


=SAML Response=
=SAML Response=


The SAML response also consists in a SOAP Envelope and a SOAP Body. The SOAP Body includes the digital signature and the response data.
The SAML response also consists in a SOAP Envelope and a SOAP Body. The SOAP Body includes the digital signature and the response data.

Revision as of 17:57, 21 February 2017

Internal

Overview

SAML Request

The SAML request consists in a SOAP Envelope and a SOAP Body. The SOAP Body includes a Security Token, a digital signature, generated using XML Signature and the request data.

An AuthnRequest example:

<env:Envelope xmlns:env=”http://www.w3.org/2003/05/soap/envelope/”>

    <env:Body>

        <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                       ForceAuthn="true"
                       AssertionConsumerServiceURL="http://www.example.com/serviceA/"
                       AttributeConsumingServiceIndex="0"
                       ProviderName="string"
                       ID="skdfa7234"
                       Version="2.0"
                       IssueInstant="2005-06-01T01:00:00Z"
                       Destination="http://www.example.com/"
                       Consent="http://www.example.com/">

            <saml:Subject xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">
                    user1@example.com
                </saml:NameID>
             </saml:Subject>
        </samlp:AuthnRequest>
    </env:Body>
</env:Envelope>

SAML Response

The SAML response also consists in a SOAP Envelope and a SOAP Body. The SOAP Body includes the digital signature and the response data.