java saml opensaml service-provider idp

How to send my SAML 2.0 response to verify the communication to the Service Provider?


Use case:
In my use case I have to do IdP-initiated SSO, so I don't need an authentication request. I just need to create a SAML response in my IdP Java app to send to a Service Provider that is already configured to accept a POST request.

Assume I have a Java application using OpenSAML (IdP) that has created a SAML response that contains a signed assertion. I also have a service provider configured to receive my SAML response.

How can I send my SAML response to the service provider to verify that my response is written correctly and thus verify that the communication between the IdP and the SP is ok?

I would like to do it in Java via a POST, but I don't know if it is possible without using a browser. The idea is just to check that the SAML response is written correctly and display the response of the POST request.


Solution

  • You can certainly test your SAML configuration using a POST from Java, but you can also use a tool like Postman or curl.

    The POST looks like this:

    POST /SAML2/SSO/POST HTTP/1.1
    Host: sp.example.com
    Content-Type: application/x-www-form-urlencoded
    Content-Length: nnn

    SAMLResponse=response&RelayState=token

    Make sure that the SAMLResponse and the RelayState (if any) are URL-encoded.

    You may also want to look here: http://saml.xml.org/wiki/idp-initiated-single-sign-on-post-binding
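
The POST described in the answer, sent from plain Java 11+ with no browser, as an added example that is not part of the original answer. It assumes the endpoint from the sample request is reachable at `https://sp.example.com/SAML2/SSO/POST`; the class name, the `buildForm` helper and the placeholder XML are constructed for illustration. Under the HTTP POST binding the response XML is base64-encoded before it is URL-encoded into the form body.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class SamlPostTest {

    // Builds the application/x-www-form-urlencoded body for the HTTP POST binding:
    // XML -> base64 (no deflate for this binding) -> URL-encode.
    static String buildForm(String samlResponseXml, String relayState) {
        String b64 = Base64.getEncoder()
                .encodeToString(samlResponseXml.getBytes(StandardCharsets.UTF_8));
        StringBuilder form = new StringBuilder("SAMLResponse=")
                .append(URLEncoder.encode(b64, StandardCharsets.UTF_8));
        if (relayState != null && !relayState.isEmpty()) {
            form.append("&RelayState=")
                .append(URLEncoder.encode(relayState, StandardCharsets.UTF_8));
        }
        return form.toString();
    }

    public static void main(String[] args) throws Exception {
        // Constructed placeholder. Use the signed XML exactly as serialized by OpenSAML;
        // re-indenting or otherwise rewriting it after signing invalidates the signature.
        String xml = "<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"/>";
        // Assumed ACS URL (host and path from the sample request, https scheme assumed).
        URI acs = URI.create("https://sp.example.com/SAML2/SSO/POST");

        HttpRequest request = HttpRequest.newBuilder(acs)
                .header("Content-Type", "application/x-www-form-urlencoded")
                .POST(HttpRequest.BodyPublishers.ofString(buildForm(xml, "token")))
                .build();

        // Do not follow redirects, so the SP's own status code and Location stay visible.
        HttpClient client = HttpClient.newBuilder()
                .followRedirects(HttpClient.Redirect.NEVER)
                .build();
        HttpResponse<String> response =
                client.send(request, HttpResponse.BodyHandlers.ofString());

        System.out.println("Status:   " + response.statusCode());
        System.out.println("Location: "
                + response.headers().firstValue("Location").orElse("(none)"));
        System.out.println(response.body());
    }
}
```

How an SP reports acceptance or rejection varies by product, so compare the printed status, `Location` header and body with the SP's own log for the same request.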