Reputation: 21
We are trying to implement an IDP-initiated SSO process. We have a Java app that authenticates the user and builds a SAML response. Our plan is to forward the SAML response to WSO2 Identity Server and let WSO2 decide to which service provider it should forward the response.
I had configured an identity provider and a service provider in WSO2, and I am posting the SAML response to https://wso2:9443/commonauth. When I post the SAML response, I get the following error in the WSO2 logs:
DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Session data key is null in the request
ERROR {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Context does not exist. Probably due to invalidated cache
Can someone please explain how to perform external IDP-initiated SSO using WSO2?
Upvotes: 2
Views: 712
Reputation: 196
For IDP-initiated SSO, you should send the SAML response to https://wso2:9443/samlsso?spEntityID=[SPEntityID_value] (not https://wso2:9443/commonauth). SPEntityID_value is the issuer value of your Service Provider. If you need to decide the Service Provider dynamically from the WSO2 side, you might have to do some customization in the WSO2 SAML SSO inbound flow.
Upvotes: 2