By: Ian Birch user 24 Sep 2018 at 6:18 p.m. CDT

1 Response
I am using an off-the-shelf application that supports SAML 2.0 for claims authentication, but doesn't provide any metadata (no URL or file) as the Service Provider. Is there a way to establish a trust relationship with this SP without it supplying metadata? I tried selecting "none" as the metadata location but the validation never appears as successful.

By Aliaksandr Samuseu staff 24 Sep 2018 at 7:23 p.m. CDT

Hi, Ian.

> Is there a way to establish a trust relationship with this SP without it supplying metadata?

No, it isn't possible. But you can craft metadata manually, using any other SP's metadata as a template. For example, here is simplistic metadata for Google Apps:

```
<EntityDescriptor entityID="google.com/a/domain.com" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
    <AssertionConsumerService index="1"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://www.google.com/a/domain.com/acs">
    </AssertionConsumerService>
  </SPSSODescriptor>
</EntityDescriptor>
```

You could try to edit it into something reflecting your setup.

The question itself isn't really related to Gluu Server, and thus doesn't fall within scope of Community support. You could try Shibboleth-related resources in case of further difficulties.
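A check that can be run over hand-edited SP metadata, such as the template in the answer above, before it is loaded into the IdP. This is an added example, not part of the original thread and not Gluu or Shibboleth code; the function name `lint_sp_metadata`, the set of accepted ACS bindings and the constructed `BROKEN` sample are assumptions of this example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = "urn:oasis:names:tc:SAML:2.0:metadata"
MD = "{" + NS + "}"
SAML2 = "urn:oasis:names:tc:SAML:2.0:protocol"
BIND = "urn:oasis:names:tc:SAML:2.0:bindings:"
# Assumption: only the browser-SSO response bindings are accepted here.
ACS_BINDINGS = {BIND + "HTTP-POST", BIND + "HTTP-Artifact"}

def lint_sp_metadata(xml_text):
    """Return a list of problems found in hand-written SP metadata."""
    if "<!DOCTYPE" in xml_text:  # no DTDs or entity declarations in metadata
        return ["DOCTYPE present"]
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    if root.tag != MD + "EntityDescriptor":
        return ["root is not EntityDescriptor in the SAML metadata namespace"]
    problems = []
    if not root.get("entityID"):
        problems.append("EntityDescriptor has no entityID")
    acs_list = []
    for sp in root.findall(MD + "SPSSODescriptor"):
        if SAML2 not in sp.get("protocolSupportEnumeration", "").split():
            problems.append("protocolSupportEnumeration lacks the SAML 2.0 protocol")
        acs_list += sp.findall(MD + "AssertionConsumerService")
    if not acs_list:
        problems.append("no SPSSODescriptor/AssertionConsumerService found")
    for acs in acs_list:
        index, loc = acs.get("index", ""), acs.get("Location", "")
        if not (index.isascii() and index.isdigit()):
            problems.append(f"ACS index {index!r} is not an unsigned integer")
        if acs.get("Binding") not in ACS_BINDINGS:
            problems.append(f"unexpected ACS binding {acs.get('Binding')!r}")
        url = urlparse(loc)  # the IdP will POST assertions to this address
        if url.scheme != "https" or not url.netloc:
            problems.append(f"ACS Location {loc!r} is not an absolute https URL")
    return problems

# The template from the answer above, and a constructed broken variant of it.
TEMPLATE = (f'<EntityDescriptor entityID="google.com/a/domain.com" xmlns="{NS}">'
            f'<SPSSODescriptor protocolSupportEnumeration="{SAML2}"><AssertionConsumerService index="1" '
            f'Binding="{BIND}HTTP-POST" Location="https://www.google.com/a/domain.com/acs"/>'
            '</SPSSODescriptor></EntityDescriptor>')
BROKEN = TEMPLATE.replace("https://www", "http://www").replace('index="1"', 'index="one"')

if __name__ == "__main__":
    print(lint_sp_metadata(TEMPLATE) or "template OK", lint_sp_metadata(BROKEN), sep="\n")
```

An empty list means the structural checks passed; it does not confirm that the entityID and ACS URL match what the application actually sends and expects.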