Use Case :
In my use case I have to do IdP-initiated SSO so I don't need an authentication request. I just need to create a SAML response in my IdP Java App to send to an already configured Service Provider to accept POST Request.
Assuming I have a Java application using OpenSaml (IdP) that has created a saml response that contains a signed assertion. I also have a service provider configured to receive my saml response.
How can I send my saml response to the service provider to verify that my response is written correctly and thus verify that the communication between the IdP and the SP is ok?
I would like to do it in Java via a POST, but I don't know if it is possible without using a browser. The idea is just to check that the SAML response is written correctly and display the response of the POST request.
You can certainly test your SAML configuration using a POST from Java, but you can also use a tool like Postman or cUrl.
The POST looks like this:
POST /SAML2/SSO/POST HTTP/1.1
Host: sp.example.com
Content-Type: application/x-www-form-urlencoded
Content-Length: nnn
SAMLResponse=response&RelayState=token
Make sure that the SAMLResponse and the RelayState (if any) are url-encoded.
You may also want to look here: http://saml.xml.org/wiki/idp-initiated-single-sign-on-post-binding