I'm trying to authenticate user logon with SAML. I have a simple HTML form.
<form method="post" action="https://abcd/login">
<input type="hidden" name="SAMLRequest" value="request" />
<input type="hidden" name="RelayState" value="token" />
<input type="submit" value="Submit" />
</form>
I'm confused about how I can send the base64 encoding of the XML for the SAMLRequest with just javascript. It would be a huge help if someone could point me in the right direction or link to a demo.
It depends what SAML2 profile you are using. Assuming you're using Web Browser SSO (WBSSO) it's all done via automatically sending the browser to URLs via POSTing. The user accesses your application and you create the SAMLRequest and RelayState and automatically POST the form to the IdP. The IdP authenticates the user (you don't care about this part) and then automatically redirects the browser back to your Assertion Consumer Service (ACS) URL with a base64 SAMLReponse containing the authentication information and attributes. There's a simple overview of the SP initiated process here.
Here's how I do it:
<html>
<body Onload="document.forms[0].submit()">
<form method="POST" action="<%= request.getAttribute("wbsso_endpoint") %>">
<input type="hidden" name="SAMLRequest" value="<%= request.getAttribute("SAMLRequest") %>">
<% if (request.getAttribute("RelayState") != null) { %>
<input type="hidden" name="RelayState" value="<%= request.getAttribute("RelayState") %>">
<% } %>
</form>
</body>
</html>