Versions Compared

Old Version 12

changes.mady.by.user Ian Young

Saved on

compared with

New Version 13

changes.mady.by.user Rod Widdowson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Note
title

Advanced Configuration

Note, this is an advanced configuration feature. Most deployments can rely on the <SSO> shorthand element.

Table of Contents
Note

The ADFS handler is only available if the adsfs.so extension library is loaded by the SP.

Indicated by type="ADFS", this initiator supports Microsoft ADFS authentication requests, a subset of the WS-Federation passive requester profile. As a protocol handler, an entityID must be specified/known, which is then used to check for metadata with an <md:IDPSSODescriptor> role supporting ADFS. The absence of either causes a warning to be logged and the handler otherwise ignores the request.

A "supporting" IdP's role element has a protocolSupportEnumeration attribute containing the value "http://schemas.xmlsoap.org/ws/2003/07/secext", with an accompanying <md:SingleSignOnService>with a Binding of "http://schemas.xmlsoap.org/ws/2003/07/secext".

Attributes

Include Page
SessionInitiatorCommonAttributes
SessionInitiatorCommonAttributes

Query String Parameters

The following can be provided via the Initiator Protocol

Common Parameters

Include Page
SessionInitiationCommonQueryParameters
SessionInitiationCommonQueryParameters

Specific Parameters

There are no protocol specific parameters

...