NOT a heartbleed question
Bryan E. Wooten
bryan.wooten at utah.edu
Thu Apr 10 14:11:47 EDT 2014
I just got off a conference call with a vendor discussing SAML 2 SSO.
I thought I'd ask the list for their insight and feedback.
First they want to do IDP initiated login. We have never done that before. Is it as easy as I am led to believe from this wiki page:
All I need is a link like this: https://myidp.edu/idp/profile/SAML2/Unsolicited/SSO?providerId=someid&shire=providerURL
The vendor does not supply meta-data. I thought that was a requirement.
And last, does my 2.3.5 IDP meet these requirements out of the box or do I have work to do (beyond just configuration)?
2.0 Partner shall generate a SAML Response message, as specified by the SAML 2.0 standard, upon successful authentication of a user.
2.1 Partner shall digitally sign the SAML Response sent to Corestream using the private key of their signing certificate.
2.2 Partner shall provide Corestream with the public key of the certificate used to sign the SAML Response token.
2.3 Partner shall Base-64 encode the SAML Response
2.4 Partner shall transmit the Base-64 encoded SAML Response via a HTTP POST to the URL specified by Corestream.
3.0 Partner shall provide both a UAT and Production system for integration testing.
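An added example, not part of the original post and not code from the vendor or the IdP project: it builds the unsolicited SSO link with the `shire` value URL-encoded, and decodes a Base64 `SAMLResponse` form field to report whether the signature sits on the Response (requirement 2.1) or only on the Assertion. The function names, the `sp.example.org` URL and the sample message are assumptions constructed for illustration, and the check is structural only; it does not verify the signature.

```python
import base64
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

def unsolicited_sso_url(idp_base, provider_id, acs_url):
    """Build the IdP-initiated link; urlencode escapes the ACS URL passed as 'shire'."""
    query = urlencode({"providerId": provider_id, "shire": acs_url})
    return f"{idp_base}/profile/SAML2/Unsolicited/SSO?{query}"

def inspect_saml_response(form_value):
    """Decode a Base64 SAMLResponse form field and report where signatures sit.
    Structural check only: the signature is not verified cryptographically."""
    xml_bytes = base64.b64decode(form_value, validate=True)
    if b"<!DOCTYPE" in xml_bytes:  # reject DTDs before parsing (entity-expansion defence)
        raise ValueError("DTD declarations are not allowed in SAML messages")
    root = ET.fromstring(xml_bytes)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("root element is not samlp:Response")
    assertions = root.findall("saml:Assertion", NS)
    return {
        "destination": root.get("Destination"),
        "response_signed": root.find("ds:Signature", NS) is not None,
        "assertions": len(assertions),
        "assertions_signed": sum(a.find("ds:Signature", NS) is not None for a in assertions),
    }

# Constructed sample: the Assertion carries a (placeholder) signature element,
# the Response does not, so it would not satisfy requirement 2.1 as written.
SAMPLE_XML = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
    'xmlns:ds="http://www.w3.org/2000/09/xmldsig#" '
    'ID="_r1" Version="2.0" Destination="https://sp.example.org/acs">'
    '<saml:Assertion ID="_a1" Version="2.0"><ds:Signature/></saml:Assertion>'
    '</samlp:Response>'
)
SAMPLE_FORM_VALUE = base64.b64encode(SAMPLE_XML.encode()).decode()

if __name__ == "__main__":
    print(unsolicited_sso_url("https://myidp.edu/idp", "someid", "https://sp.example.org/acs?x=1"))
    print(inspect_saml_response(SAMPLE_FORM_VALUE))
```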