
News

Posted about 15 years ago by [email protected]
Last year I added a simple hosted SAML 2.0 debugger here at Feide RnD. It has been extremely popular. Today I’m happy to announce the next revision, being even simpler to use. The new version will handle both encoding and decoding of both the HTTP-REDIRECT and HTTP-POST binding. The decoder is also intelligent, in the sense that it automatically extracts the raw message both in the form of a query string, the parameter or from a full URL. It also automatically discovers whether the message is encoded with HTTP-REDIRECT or HTTP-POST. Go to the SAML 2.0 Debugger. Here is a demo video that shows it in action: The SAML 2.0 Debugger is checked in as a SimpleSAMLphp module.
Posted about 15 years ago by [email protected]
A bit more than a few days later :-P, we are glad to announce a new release of the InfoCard module implementation for simpleSAMLphp. Here are the major changes:
Posted about 15 years ago by [email protected]
I created Secure Mail a couple of weeks ago, to be able to verify the sender of some kinds of important messages related to Feide. This works great for sending public keys, certificates, metadata updates etc. But today I had to send a message containing a secret URL, so I also had to ensure confidentiality. I added a checkbox when you send a message, that limits access to the message to only receivers that are able to authenticate with Feide and have a registered mail address that matches the intended receiver of the message. Here is a screenshot:
Posted about 15 years ago by [email protected]
Ingrid Melve, the manager of Feide, has started blogging about Identity. I’ve added her RSS feed in the right column here at RnD. Visit her blog. Subscribe to RSS.
Posted about 15 years ago by [email protected]
There are some problems with the virtual machine running the LDAP server connected to Feide OpenIdP. It will most likely not be fixed until Sunday afternoon.
Posted about 15 years ago by [email protected]
A document describing how to install Foodle.
Posted about 15 years ago by [email protected]
We’ve seen that in several installations of simpleSAMLphp and other SAML 2.0 implementations it occurs that end users add a bookmark to the login page. With SAML 2.0 this breaks. The reason why it breaks is that there needs to be a relation between the received request and the response that is sent back to the SP. When the session is lost at the IdP, the only thing that is available to the IdP is the URL parameters of the visited page. What I did was to first implement the IdP-first SAML 2.0 scenario, and then add a new URL parameter to the login page called SessionLostURL. I pointed this URL to the endpoint that initializes IdP-first login. In the case that the login module is not able to retrieve the user session, it will redirect the user to the IdP-first endpoint, starting a new login session, and after the user successfully authenticates an unsolicited SAML 2.0 Response is sent back to the SP.
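The lost-session fallback described above takes its redirect target from a URL parameter, so a login page implementing it would check SessionLostURL before redirecting. The following PHP sketch is an added example, not simpleSAMLphp code; the function names, the StateId parameter, the state store, the error URL and the host allow-list are assumptions.

```php
<?php
// Added example, not simpleSAMLphp code. Function names, the 'StateId'
// parameter, the state store and the host allow-list are hypothetical.

/** Accept only absolute https URLs on an allow-listed host, without userinfo. */
function isTrustedRestartUrl($url, array $allowedHosts): bool
{
    if (!is_string($url) || $url === '') {
        return false;
    }
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false; // relative, scheme-relative or malformed
    }
    if (strtolower($parts['scheme']) !== 'https' || isset($parts['user']) || isset($parts['pass'])) {
        return false;
    }
    return in_array(strtolower($parts['host']), $allowedHosts, true);
}

/**
 * Returns null when the login state still exists (show the login form),
 * otherwise the URL the browser should be redirected to.
 */
function resolveLostSession(array $query, array $stateStore, array $allowedHosts, string $errorUrl): ?string
{
    $stateId = $query['StateId'] ?? null;
    if (is_string($stateId) && isset($stateStore[$stateId])) {
        return null; // request/response relation intact: normal flow
    }
    $restart = $query['SessionLostURL'] ?? null;
    // Session lost (e.g. bookmarked login page): restart via IdP-first,
    // but only if the target is one of our own endpoints.
    return isTrustedRestartUrl($restart, $allowedHosts) ? $restart : $errorUrl;
}

// Constructed sample requests.
$hosts = ['idp.example.org'];
$store = ['abc123' => ['sp' => 'sp.example.org']];
$idpFirst = 'https://idp.example.org/simplesaml/saml2/idp/SSOService.php?spentityid=sp.example.org';
$cases = [
    ['StateId' => 'abc123', 'SessionLostURL' => $idpFirst],
    ['StateId' => 'stale', 'SessionLostURL' => $idpFirst],
    ['StateId' => 'stale', 'SessionLostURL' => 'https://idp.example.org.evil.example/x'],
];
foreach ($cases as $q) {
    var_dump(resolveLostSession($q, $store, $hosts, 'https://idp.example.org/error'));
}
```

The first request keeps the normal flow, the second restarts through the IdP-first endpoint, and the third falls back to the error URL because its host is not on the allow-list.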
Posted about 15 years ago by [email protected]
I’ve added support for the IdP-first flow in SAML 2.0 where the SP never sends any AuthNRequests, but receives an unsolicited Response. Here are instructions on how to use the functionality (this is also included in the IdP documentation as appendix A):

A. IdP-first setup

If you do not want to start the SSO flow at the SP, you may use the IdP-first setup. To do this, redirect the user to the SSOService endpoint on the IdP with one parameter spentityid that matches the SP EntityId that the user should be logged into. Here is an example of such a URL:

    https://idp.example.org/simplesaml/saml2/idp/SSOService.php?spentityid=sp.example.org

When the IdP-first flow is used an extra parameter is needed in the saml20-sp-hosted metadata. This is the RelayState parameter that tells the SP which URL to redirect the user to after the user is successfully authenticated. This typically is the frontpage of your application. An example of this can be:

    'RelayState' => '/',
Posted about 15 years ago by [email protected]
Now, you can authenticate with Facebook to Foodle. This is just an option for people who do not already have a federated account. There is also a smooth way of adding links to Facebook pointing to your Foodle. Go here to test Foodle with Facebook authentication - if you are already logged in with Feide it will not ask you for a second authentication, so clear your cookies or log out.
Posted about 15 years ago by [email protected]
Do more people have a Facebook account than OpenID account? Probably. Is it cruel to require people to sign up for a new Guest IdP account, when they could have re-used some other account? Yes, at least I think so. Does simpleSAMLphp have a SimpleSAMLphp Authentication module? Now it has! Was checked in to subversion one hour ago. I don’t think it fits everywhere, but certainly there are some setups where it makes sense to allow Facebook authentication as well as other popular authentication services.