Get Username from session with SAML

By: Sylvain BONNEFON user 30 Jun 2021 at 4:29 a.m. CDT

6 Responses
Sylvain BONNEFON gravatar
Get username from client I would like to fill the username field automaticaly when the authentication is triggered by a client through SAML ? (Fill the field or better get the username from SAML data in the custom .py script) Where can I find an easy way to get the data in SAML request from the custom script please ? Best regards SB
Gluu 4.2.3 Ubuntu 18.0
closed

Answers

By Sylvain BONNEFON user 30 Jun 2021 at 9:05 a.m. CDT

Copy
Sylvain BONNEFON gravatar
For instnace, here in the data resquest (last line) from client to gluu SSO, I have the username as param. I would like to get this value from the auth script. ``` General Request URL: https://gluu-scw-docker.pre.whispeak.io/idp/profile/SAML2/POST/SSO Request Method: POST Status Code: 302 Found Remote Address: 163.172.168.51:443 Referrer Policy: strict-origin-when-cross-origin Response Headers Cache-Control: no-store Connection: keep-alive Content-Security-Policy: frame-ancestors 'none'; Date: Wed, 30 Jun 2021 14:01:15 GMT Location: https://gluu-scw-docker.pre.whispeak.io/idp/profile/SAML2/POST/SSO?execution=e2s1 Server: nginx Strict-Transport-Security: max-age=0 Strict-Transport-Security: max-age=31536000; includeSubDomains Transfer-Encoding: chunked X-Content-Type-Options: nosniff X-Frame-Options: DENY X-Xss-Protection: 1; mode=block Request Headers Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzip, deflate, br Accept-Language: fr-FR,fr;q=0.9 Cache-Control: no-cache Connection: keep-alive Content-Length: 1502 Content-Type: application/x-www-form-urlencoded Cookie: JSESSIONID=node010g4hk4oii19511gajszwlen8u181.node0; org.gluu.i18n.Locale=fr; session_id=e38c8476-03c9-47ec-adfe-bd11df5ce97f; session_state=923d8f6cbfa2c9db17b42841a245f411dd18e5f3c4c3b2c73155831474a464cd.3fce4d6d-62ae-449e-af47-d8be31ed6882; opbs=c22c8467-115f-4335-a794-29e75bc0f3e9 Host: gluu-scw-docker.pre.whispeak.io Origin: https://login.microsoftonline.com Pragma: no-cache Referer: https://login.microsoftonline.com/ sec-ch-ua: "Chromium";v="91", " Not;A Brand";v="99" sec-ch-ua-mobile: ?0 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Sec-Fetch-User: ?1 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36 Form Data SAMLRequest: PHNhbWxwOkF1dGhuUmVxdWVzdCBJRD0iXzk4MmJmMjc5LWNkZTUtNDMwOC1iNzc0LTBlYmU3NTMyMzFlZCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMjEtMDYtMzBUMTQ6MDE6MTAuNDU2WiIgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCI+PElzc3VlciB4bWxucz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+dXJuOmZlZGVyYXRpb246TWljcm9zb2Z0T25saW5lPC9Jc3N1ZXI+PHNhbWxwOk5hbWVJRFBvbGljeSBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OnBlcnNpc3RlbnQiLz48L3NhbWxwOkF1dGhuUmVxdWVzdD4= RelayState: estsredirect=2&estsrequest=rQIIAYXSy2vTcADA8abduoePTVGYCLLDDiIk_eXZZiAsNH2kj6RNk3bJpbZ5N6-2yZYuf4HHoSA42EU8yI6eRC-ePAyEnQdePA0viiePzr_Ay_cf-H7WVyikhAAEPMmhCLq7Q-AEOSqOaZgeUThM0CiARwRGwTiJUzgGUJ0E-Pzu-ubpz9NL8esn4d2DtxvGt6sbZ9AjO46n0W6hkCQJEpqmoxmIFvoFbxToTmB9gKALCLqCoJPssjmHq-JZNqLwIgUoskRQJF3CaapYQvjUc3ms6qpsN1b9CsE7ALSlLtaSPLc9kWPel0mVVR1BsjC1xoF22gWKpJBKysTqpO_yPQCU1HZbku2oAyXmWStVJItU_fZCrYnOZXZDYA5iG_uXcO6kxu_smhnO_eE0jOKT3KtsLNl8zcc8wzukRKJdntYHKnbkuWkrwme47qEclRxKkzrK1zyNG3UpjAac4rNMJDZ7RBdzYUzuBqIst2iuQXCoUuLp_V5Vc2lfpoyFISipgCtNs0xLtZDi5bixnxwBt11MDEO1NUJaVLWOSi9Mv1m0YXFENOmKNiWbB6hilJ2avUDbLQ-OIgJ1u8WB3oknBllu1o2e4PBoud-bE3HiY_uUOZXHZkdQJ74uF2WN4EjJIjS7VwZYJ5rhNOzHZEA2hqitRHDLaszoFq73J9yhVfYmVWDjToCKVbHMV9y2mLzP5a9n-mFwnrsdTo3A0ben89B0PON77n40DoPAMMNgL7GdaGqMXMScXyxBP5ZuruY3V7cy25nH98DqnyXozfK1neO90cMr5Evl9Y-dF89ebmXOlwsWNdGImGWwJqPrzsLu2YY1HnfrKRc7hX4wG_THjKCW4gMyeorvosd56DifP8_f4dghX5F6EsOzjMhiQ_ArDz1fyXxc-4_Gz7cyfwE1 username: sb@whispeak.fr ```

By Aliaksandr Samuseu staff 30 Jun 2021 at 11:58 a.m. CDT

Copy
Aliaksandr Samuseu gravatar
Hi, Sylvain. May be I'm having deja vu, but I'm pretty sure there was a request like this here, on Support Boards, not so long ago. Was it from you as well? I will assign it to the same staff member as before, in such case. If you don't remember, I'll try to investigate.

By Aliaksandr Samuseu staff 30 Jun 2021 at noon CDT

Copy
Aliaksandr Samuseu gravatar
Do you have any example of how exactly SAML SP will communicate/transfer this username to Gluu Server in SAML request?

By Sylvain BONNEFON user 30 Jun 2021 at 12:06 p.m. CDT

Copy
Sylvain BONNEFON gravatar
Hi Aliaksandre, No I never faced this need. Client send next data to https://--our-glu-server/idp/profile/SAML2/POST/SSO ``` Form Data SAMLRequest: PHNhbWxwOkF1dGhuUmVxdWVzdCBJRD0iXzk4MmJmMjc5LWNkZTUtNDMwOC1iNzc0LTBlYmU3NTMyMzFlZCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMjEtMDYtMzBUMTQ6MDE6MTAuNDU2WiIgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCI+PElzc3VlciB4bWxucz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+dXJuOmZlZGVyYXRpb246TWljcm9zb2Z0T25saW5lPC9Jc3N1ZXI+PHNhbWxwOk5hbWVJRFBvbGljeSBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OnBlcnNpc3RlbnQiLz48L3NhbWxwOkF1dGhuUmVxdWVzdD4= RelayState: estsredirect=2&estsrequest=rQIIAYXSy2vTcADA8abduoePTVGYCLLDDiIk_eXZZiAsNH2kj6RNk3bJpbZ5N6-2yZYuf4HHoSA42EU8yI6eRC-ePAyEnQdePA0viiePzr_Ay_cf-H7WVyikhAAEPMmhCLq7Q-AEOSqOaZgeUThM0CiARwRGwTiJUzgGUJ0E-Pzu-ubpz9NL8esn4d2DtxvGt6sbZ9AjO46n0W6hkCQJEpqmoxmIFvoFbxToTmB9gKALCLqCoJPssjmHq-JZNqLwIgUoskRQJF3CaapYQvjUc3ms6qpsN1b9CsE7ALSlLtaSPLc9kWPel0mVVR1BsjC1xoF22gWKpJBKysTqpO_yPQCU1HZbku2oAyXmWStVJItU_fZCrYnOZXZDYA5iG_uXcO6kxu_smhnO_eE0jOKT3KtsLNl8zcc8wzukRKJdntYHKnbkuWkrwme47qEclRxKkzrK1zyNG3UpjAac4rNMJDZ7RBdzYUzuBqIst2iuQXCoUuLp_V5Vc2lfpoyFISipgCtNs0xLtZDi5bixnxwBt11MDEO1NUJaVLWOSi9Mv1m0YXFENOmKNiWbB6hilJ2avUDbLQ-OIgJ1u8WB3oknBllu1o2e4PBoud-bE3HiY_uUOZXHZkdQJ74uF2WN4EjJIjS7VwZYJ5rhNOzHZEA2hqitRHDLaszoFq73J9yhVfYmVWDjToCKVbHMV9y2mLzP5a9n-mFwnrsdTo3A0ben89B0PON77n40DoPAMMNgL7GdaGqMXMScXyxBP5ZuruY3V7cy25nH98DqnyXozfK1neO90cMr5Evl9Y-dF89ebmXOlwsWNdGImGWwJqPrzsLu2YY1HnfrKRc7hX4wG_THjKCW4gMyeorvosd56DifP8_f4dghX5F6EsOzjMhiQ_ArDz1fyXxc-4_Gz7cyfwE1 username: sb@whispeak.fr ```

By Aliaksandr Samuseu staff 30 Jun 2021 at 12:25 p.m. CDT

Copy
Aliaksandr Samuseu gravatar
Ok, understood. Let me investigate then, I'll find that ticket and see what was suggested to that other user there.

By Sylvain BONNEFON user 06 Jul 2021 at 3:15 a.m. CDT

Copy
Sylvain BONNEFON gravatar
Hello Aliaksandr, Did you find the answer please. We really would like to add this feature for a demo tomorrow, so I would appreciate if you can give me some tips before that. Thanks, Best regards, SylvaiN BONNEFON

Post an answer