How can we generate the single sign-on and reply URL for a new application in Azure Active Directory?

I am going to register a new application in Azure Active Directory for SAML login. How can I generate my reply URL, single sign-on URL and entity ID? Answer: You can find these details on the single sign in page of the app, under the “Enterprise Applications” section. … Read more

IBM iWelcome as federated IdP for Azure AD: any experience?

Is there any experience in configuring IBM iWelcome as federated IdP for Azure AD? The scenario is: A user registers on iWelcome by specifying her/his original email as user identifier (NOTE: this email can be on different domains). The IAM behind iWelcome (IBM CGI) creates a guest account for that user in Azure AD and … Read more

Purpose of “secure hash algorithm” option in ADFS relying party properties

What does the “secure hash algorithm” option specified in the Advanced tab of the ADFS relying party trust properties actually affect? Is it a security problem that SHA1 is one of the options? If not, why not? Screenshot: ADFS relying party properties This blog from MS describes as follows: The relying party trust in ADFS … Read more

Availability/Reliability monitoring of SAML-enabled site

We are running PingFederate to enable access to a number of external applications using internal authentication information (so kinda sorta SSO). There are methods for determining whether the PF service is up and accepting requests generally. But I’m wondering if anyone has any thoughts on how to do authentication testing in a way we can … Read more

ADFS and Shibboleth: Controlling behavior of Windows authentication

We are doing SSO using ADFS and Shibboleth SP. In a perfect world, Windows authentication would always work, i.e., the user accesses https://shibboleth/Login?target=somewhere, is redirected to https://adfs/adfs/ls/SomeSamlRequest, the browser authenticates the user in the background using some Active Directory magic and finally, the user is redirected to the desired page without having encountered some login … Read more

SAML on Domino 9.0.1 sending blank Issuer with AuthnRequest

Trying SAML with SSOCircle as IdP provider. Imported the public IdP metadata from SSOCircle into IdP Config document in idpconfig.nsf. Exported idp.xml from Domino and imported into SSOCircle. Since out-of-box supported IdPs are ADFS and TFIM, set a new option called Other in IdP provider Product field. When I try to reach Domino host, SAMLRequest … Read more

simpleSAMLphp ADFS URLs

I have a website that authenticates to ADFS using simpleSAMLphp. There are 4 web servers running RHEL 6 & Apache 2.2 behind a load-balancer. Call the 4 servers node1.mysite.com, node2.mysite.com, etc. The users go to www.mysite.com (which points to the VIP) and are redirected to adfs.mysite.com to log in. After they log in, they are redirected … Read more

SAML Remote Desktop Services Windows Server 2012R2

I want to implement SAML for Remote Desktop Services on Windows Server 2012R2. First, is it possible? Then, I want to authenticate users from another AD with my RDS, like this architecture: https://technet.microsoft.com/en-us/library/dd807050(v=ws.11).aspx At this point, I’m able to authenticate users with SSO on the same AD, but not with another. Answer … Read more