mposolda
633696ab7d
Kerberos/SPNEGO login in SAML applications
2015-03-02 20:28:04 +01:00
Bill Burke
4361ce1d42
mapper refactoring
2015-02-28 19:48:50 -05:00
Bill Burke
2da925505e
saml attribute mappers
2015-02-28 11:17:06 -05:00
Bill Burke
9dd9c9b37f
add saml mapper interfaces
2015-02-27 20:16:34 -05:00
Bill Burke
100dbd5fd7
ProviderFactory.postInit()
2015-02-23 12:11:48 -05:00
Bill Burke
20f12ea960
changes
2015-02-20 09:22:49 -05:00
Bill Burke
9b053e6918
more saml config
2015-02-11 21:56:16 -05:00
Bill Burke
0e9fcf19e0
saml url support
2015-02-10 11:33:18 -05:00
Bill Burke
ea3bba98aa
saml frontchannel logout
2015-01-28 17:09:13 -05:00
pedroigor
edecda8599
[KEYCLOAK-986] - Escape characters when doing SAML POST Binding.
2015-01-23 12:09:44 -02:00
Stian Thorgersen
72b4790c4f
Merge pull request #922 from pedroigor/KEYCLOAK-883
...
[KEYCLOAK-883] - More SAML configuration. Using SAML builders to create AuthnRequest.
2015-01-22 12:26:19 +01:00
pedroigor
d1f38a4236
[KEYCLOAK-987] - IdP should respect the protocol binding when processing AuthnRequest.
2015-01-21 23:53:56 -02:00
pedroigor
b9a7594113
[KEYCLOAK-883] - More SAML configuration. Using SAML builders to create AuthnRequest.
2015-01-21 23:40:20 -02:00
Bill Burke
a0ba6d2c16
saml redirect logout 1st step
2015-01-16 18:57:33 -05:00
Bill Burke
795b1d2893
saml persistent and transient id support
2015-01-07 19:23:33 -05:00
Bill Burke
5c6dd8e0c3
temp fix for contributor SAML PR
2014-11-11 22:09:38 -05:00
Eivind Mikkelsen
24a2773524
Add SAML NameID Formats and include certificate in signature
...
The NameID Format in the AuthnRequest NameIDPolicy is now respected,
and support has been added for the following NameID Formats:
- urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
- urn:oasis:names:tc:SAML:2.0:nameid-format:transient
The persistent NameID format was previously used in all responses
and mapped to the principal's username. Now, unspecified is mapped
to the principal's username and used by default if no NameIDPolicy
is specified by the SP.
The persistent format requires generating a pseudo-random identifier
that must be generated by the IdP on first login and stored in the
user's profile. Persistent NameID Format is not yet implemented.
The certificate is now added to the signature to enable support for
integration with Service Providers where only the IdP's certificate
fingerprint is configured (e.g. Zendesk).
2014-11-12 01:24:51 +01:00
Stian Thorgersen
9b0d5acb50
KEYCLOAK-704 KEYCLOAK-768 Improvements to access code generation
2014-10-31 12:45:03 +01:00
Bill Burke
12e2a4698d
idp descriptor
2014-10-28 12:49:31 -04:00
Bill Burke
e3609cc85b
app importer
2014-10-28 11:54:58 -04:00
Bill Burke
ce76270ad8
saml key refactor
2014-10-24 10:58:32 -04:00
Bill Burke
f715a026ba
force post binding switch
2014-10-22 14:32:46 -04:00
Bill Burke
f38c6d3412
config optiosn
2014-10-22 14:00:56 -04:00
Bill Burke
4d3299ae08
saml distro and examples
2014-10-21 21:39:10 -04:00
Bill Burke
668497df4d
upload keys
2014-10-21 16:33:17 -04:00
Bill Burke
d3375962ad
signature algorithm support
2014-10-21 10:35:39 -04:00
Bill Burke
e2de6edff8
saml unit tests
2014-10-20 16:31:00 -04:00
Bill Burke
c91ecc3033
saml redirect binding
2014-10-17 16:48:45 -04:00
Bill Burke
3e5afcde9e
saml encryption
2014-10-16 11:44:51 -04:00
Bill Burke
4750b22b6d
saml signatures
2014-10-16 09:14:04 -04:00
Stian Thorgersen
1021e8af5c
KEYCLOAK-753 Add 'username:' prefix to remember me cookie to prevent issue with old cookie
2014-10-14 13:44:03 +02:00
Bill Burke
13a2108846
undertow slash redirect problem
2014-10-08 09:45:49 -04:00
Bill Burke
6d5ab0f66b
saml backchannel logout
2014-10-07 18:06:02 -04:00
Bill Burke
e3a3933390
saml basic
2014-10-04 21:27:48 -04:00