Uploaded image for project: 'Repose'
  1. REP-4831

SAML HTTP Post Binding Translation Filter

    Details

    • Type: Story
    • Status: Resolved (View workflow)
    • Priority: Very High
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 8.4.0.1
    • Component/s: None
    • Labels:
      None
    • Epic Link:
    • Sprint:
      Sprint 133
    • Story Points:
      3
    • Capitalizable:
      True

      Description

      As Identity, We want SAML Mapping messages encoded coming in to Identity and decoded using Identity's Repose, using HTTP Post Binding So that character encoding issues are eliminated.

      Message in as encoded as http post, comes out as artifact...

      Assuming content type is correct, take http request, get.parm.saml.response, get string back, decode string.

      There are three types of binding:

      1. SOAP Binding
      2. HTTP Post Binding
      3. Artifact Binding

      Mario: I researched SAML a bit and spoke to Jorge about my findings. I updated the AC as a result. Read the "History" tab for more details on the updates.

      Acceptance Criteria:

      • SAML Mapping messages decoded from a HTTP Post Binding to Artifact Binding
        • The SAML Response XML will be in the "SAMLResponse" field and will be base64 encoded.
        • There may be other fields such as "RelayState" which should be dropped.
      • A new filter is created to do the decoding.
      • Filter contains no configs.
        • It's presence in the filter chain indicates the filter should process the request under the following conditions:
          • Method is POST
          • Content type matches application/x-www-form-urlencoded
          • Body contains field "SAMLResponse"
      • Filter will not offer functionality to re-encode
      • Filter will fail if it cannot decode the "SAMLResponse" field, return a bad request response.
      • If no "SAMLResponse" field, return a bad request response.

        Attachments

          Issue links

            Activity

              People

              • Assignee:
                mario.lopez Mario Lopez
                Reporter:
                adrian.george Adrian George
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: