SAML simple example for beginners

41
votes

I am beginner to the SAML v2.0 technology and I get the theory knowledge but I didn't find any examples on Google. Can anybody provide me with a step by step example for simple "SAML for v2.0".

  1. Upto now I've gone through the theory part,i.e.., it support Single sign on and
    also I understood about the Service provider and Identity Provider .
  2. Presently I am working on Linux Environment
  3. I need basic example in step by step manner how the request is moving from user -> Identity Provider->Service Provider and how to configure the environment .
  4. Is it possible to execute the example for the SAML v2.0
  5. Is their any chance to execute SAML example in Java language,If it possible you can
    provide the example on Java also.
2
javasecuritysingle-sign-onsaml-2.0
You should provide more details. What language/platform, what have you tried so far, what elements of the theory you know already. The question is likely to be closed if you don't put more effort into it.Wiktor Zychla
I think this question shows a lot of effortdanday74

2 Answers

32
votes

Typical SSO with SAML is something called Web SSO Profile. There are many products supporting this on the market for example OpenAM, Shibboleth, OpenSAML and Oracle Identity Federation. The specific configuration is dependant on what product you choose to use. A working example of OpenSAML that I use in my book is availible here.

On a SAML level, the SP and IDP exchanges Metadata which contain configuration information on how the SP and IDP want to communicate.

SSO is then done in four steps:

  1. SP sees that the user does not have an authenticated session.
  2. The SP redirects the user to IDP with a SAML AutnRequest as an URL parameter.
  3. The IDP authenticates the user and redirects it back to the SP with an artifact in URL parameter.
  4. The SP exchanges the Artifact for an Assertion over SOAP using a ArtifactResolveRequest to the IDP.

If you want to code this yourself in Java, you can use OpenSAML. On my blog I have many examples on how to use it.

In my book, A Guide To OpenSAML, I write alot about this

EDIT New edition of the book is out, covering OpenSAML v3

6
votes

You can simply follow steps in this manual, which will help you create a simple SAML 2.0 federation between a local Service Provider and a public Identity Provider.

Once you set this up you can use it to follow messages sent between IDP/SP and also as an example of a SAML component built with Java + OpenSAML + Spring.

There are also many other good sources of information on SAML, like the Stefan's blog mentioned above.