1
votes

We are trying to implement an IDP initiated SSO process. We have a Java app that authenticates the user and builds a SAML response. Our plan is to forward the SAML response to WSO2 Identity Server and let WSO2 decide to which service provider it should forward the response.

I had configured an identity provider and a service provider in WSO2, and I am posting the SAML response to https://wso2:9443/commonauth. When I post the SAML response I get the following error in the WSO2 logs:

DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Session data key is null in the request

ERROR {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Context does not exist. Probably due to invalidated cache

Can someone please explain how to perform external IDP initiated SSO using WSO2?

1
Hi, I am facing the same issue while doing external IDP initiated SSO with Spring SAML using WSO2. Have you resolved this issue? If so, can you please help me out with this? Thanks. Brijan Elwadhi

1 Answer

1
votes

For IDP initiated SSO, you should send the SAML response to https://wso2:9443/samlsso?spEntityID=[SPEntityID_value] (not https://wso2:9443/commonauth). SPEntityID_value is the issuer value of your Service Provider. If you need to decide the Service Provider dynamically from the WSO2 side, you might have to do some customization in the WSO2 SAML SSO inbound flow.