17
votes

I need to provide a SAML 2.0 based Single Sign On (SSO) feature for my node.js service. This will consume SAML assertions generated by an Identity Provider (IdP) running Active Directory Federated Services (ADFS).

Ideally I would like to set up a test ADFS IdP that I can use to internally generate the SAML assertions. I could then use this to ensure my service handles these assertions correctly.

Unfortunately, my company does not use Active Directory and so we cannot just set up a test ADFS platform. The licenses are expensive and so I cannot create an internal test server from scratch.

Is there a low-cost way I can simulate an ADFS IdP to provide a realistic test-bed for my new SSO service?

2 Answers

13
votes

Azure Active Directory should be very similar to implementations in ADFS (and the federation part is likely identical) and should be just fine for testing of your implementation. You can set up a free trial account for Microsoft Azure which includes the Azure Active Directory.

Information about SAML endpoints and SSO process can be found in the Azure documentation.

Another option is to test against another SAML-compatible Identity Provider; have a look at SSO Circle.

Microsoft also offers a Microsoft Partner Network Action Pack which enables companies to access a range of software (including Windows Server with ADFS) with development licenses for a reasonable price (a few hundred euros). It might be your other option.

0
votes

If you're fine with using an arbitrary Test-IdP (and don't require AD FS) you could use Anders Abel's Sustainsys.Saml2 Stub IdP:

https://stubidp.sustainsys.com/

The Stub IdP is part of the Sustainsys.Saml2 open source package for ASP.NET.

You can easily create your own IdP tenant configuration and set up assertions meeting your individual requirements. I use it regularly and am really happy with it! Thank you, Anders 😊