SAML SOAP Binding

From NovaOrdis Knowledge Base
Revision as of 18:00, 21 February 2017 by Ovidiu (talk | contribs) (→‎SAML Request)
Jump to navigation Jump to search

Internal

Overview

SAML Request

The SAML request consists in a SOAP Envelope and a SOAP Body. The SOAP Body includes a Security Token, a digital signature, generated using XML Signature and the request data.

An AuthnRequest example:

<env:Envelope xmlns:env=”http://www.w3.org/2003/05/soap/envelope/”>

  <env:Body>

    <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
           ForceAuthn="true"
           AssertionConsumerServiceURL="http://www.example.com/serviceA/"
           AttributeConsumingServiceIndex="0"
           ProviderName="string"
           ID="skdfa7234"
           Version="2.0"
           IssueInstant="2005-06-01T01:00:00Z"
           Destination="http://www.example.com/"
           Consent="http://www.example.com/">

      <saml:Subject xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">

        <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">
          user1@example.com
        </saml:NameID>

       </saml:Subject>

     </samlp:AuthnRequest>

  </env:Body>

</env:Envelope>

SAML Response

The SAML response also consists in a SOAP Envelope and a SOAP Body. The SOAP Body includes the digital signature and the response data.