Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
nareshbk Absent Member.
Absent Member.
423 views

Re: How to request urn:oasis:names:tc:SAML:2.0:ac:classes:


THis is an old post but I am trying to do the same. I am setting up SAML
2.0 SP and would like to specify the authentication contract. So in your
post you mentioned that the information does not need to be in any
metadata and it is a part of the authentication request?


<samlp:RequestedAuthnContext
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
Comparison="exact"><saml:AuthnContextClassRef
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef></samlp:RequestedAuthnContext>


Is PasswordProtectedTransport the name of the authentication contract?


--
nareshbk
------------------------------------------------------------------------
nareshbk's Profile: http://forums.novell.com/member.php?userid=43220
View this thread: http://forums.novell.com/showthread.php?t=401899

0 Likes
4 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: How to request urn:oasis:names:tc:SAML:2.0:ac:classes:

nareshbk wrote:

>
> THis is an old post but I am trying to do the same. I am setting up
> SAML 2.0 SP and would like to specify the authentication contract. So
> in your post you mentioned that the information does not need to be
> in any metadata and it is a part of the authentication request?
>
>
> <samlp:RequestedAuthnContext
> xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
> Comparison="exact"><saml:AuthnContextClassRef
> xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
> > urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</s
> > aml:AuthnContextClassRef></samlp:RequestedAuthnContext>

>
> Is PasswordProtectedTransport the name of the authentication contract?


It would expect the URI you configure on the auth contract I think. Try
secure/name/password/uri for the Secure Name/Password form.

--
Cheers,
Edward
0 Likes
nareshbk Absent Member.
Absent Member.

Re: How to request urn:oasis:names:tc:SAML:2.0:ac:classes:


Ed,

I understand that it requires the URI mentioned in the contract. But
How and where do I specify which contract to use in this SAML
configuration?

edmaa;2174370 Wrote:
> nareshbk wrote:
>
> >
> > THis is an old post but I am trying to do the same. I am setting up
> > SAML 2.0 SP and would like to specify the authentication contract.

> So
> > in your post you mentioned that the information does not need to be
> > in any metadata and it is a part of the authentication request?
> >
> >
> > <samlp:RequestedAuthnContext
> > xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
> > Comparison="exact"><saml:AuthnContextClassRef
> > xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
> > >

> urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</s
> > > aml:AuthnContextClassRef></samlp:RequestedAuthnContext>

> >
> > Is PasswordProtectedTransport the name of the authentication

> contract?
>
> It would expect the URI you configure on the auth contract I think.
> Try
> secure/name/password/uri for the Secure Name/Password form.
>
> --
> Cheers,
> Edward



--
nareshbk
------------------------------------------------------------------------
nareshbk's Profile: http://forums.novell.com/member.php?userid=43220
View this thread: http://forums.novell.com/showthread.php?t=401899

0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: How to request urn:oasis:names:tc:SAML:2.0:ac:classes:

nareshbk wrote:

>
> Ed,
>
> I understand that it requires the URI mentioned in the contract. But
> How and where do I specify which contract to use in this SAML
> configuration?


You mean where to put the element in the authnrequest or how to
configure it on the SP?


--
Cheers,
Edward
0 Likes
Highlighted
Anonymous_User Absent Member.
Absent Member.

Re: How to request urn:oasis:names:tc:SAML:2.0:ac:classes:


nareshbk;449 Wrote:
>
> I understand that it requires the URI mentioned in the contract. But
> How and where do I specify which contract to use in this SAML
> configuration?
>
> edmaa;2174370 Wrote:
>


I know this is an old thread, but I have had to do this recently and
wanted to make sure that others could find the solution. It took some
figuring out, but I got it to work. You put the contract URI in the
AuthnContextDeclRef element in the SAML request. Here is an example:

<samlp:RequestedAuthnContext>
<saml:AuthnContextDeclRef>yourcontract/name/password/uri</saml:AuthnContextDeclRef>
</samlp:RequestedAuthnContext>

Hope this helps!


--
MatthewEhle
------------------------------------------------------------------------
MatthewEhle's Profile: https://forums.netiq.com/member.php?userid=4
View this thread: https://forums.netiq.com/showthread.php?t=107

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.