All geek questions in one place

Difference between AssertionConsumerServiceURL, assignment, consent in <saml: AuthnRequest>

I am trying to generate a SAML object using opensaml-java.

Link: slide # 30 at https://www.oasis-open.org/committees/download.php/12958/SAMLV2.0-basics.pdf

<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                        ForceAuthn="true"
                        AssertionConsumerServiceURL="http://www.example.com/"
                        AttributeConsumingServiceIndex="0" ProviderName="string"
                        ID="abe567de6"
                        Version="2.0"
                        IssueInstant="2005-01-31T12:00:00Z"
                        Destination="http://www.example.com/"
                        Consent="http://www.example.com/" >

In this Destination, Consent, AssertionConsumerServiceURL, all three represent the same address. What do they really represent?

[Q.1] Is there a difference between the two? Of course, there must be some difference, otherwise they would not have all three things.

OR If it makes no difference what they represent?

EDIT 1: AssertionConsumerServiceURL is the IdP landing page where an IdP response message is expected.

+4
2

( saml 2 core 1477-1482)

- URL- , . , SAML , IDP , , . .

( saml 2 core lines 1483-1488)

- IDP, , ( ), SAML . .

AssertionConsumerServiceURL ( saml 2 core lines 2061-2067)

URL- , ID-. , ProtocolBinding. assertionConsumerServiceIndex, .

+3

SAML : ( ), (IdP) (SP). wiki

( SAML) (SAML Resposne)

AssertionConsumerServiceURL (SP). URL- (IdP) SAML, , (SP) .

, XML SAML ( ) SP IdP. .

  • HTTP POST,
  • HTTP
  • SAML SOAP ( SOAP 1.1)

, , SP URL- i.e

  • URL- POST- Assertion Consumer Service
  • URL- Adervion
0

Source: https://habr.com/ru/post/1525158/

More articles:


All Articles