SamlSP element

Previous Next

In a SecurityConfig.xml security configuration file, the <SamlSP> element contains SAML authentication configuration.

Example

<SamlSP samlVersion="urn:oasis:names:tc:SAML:2.0:protocol" metadataURL="https://adfs.usoft.com/federationmetadata/2007-06/federationmetadata.xml" sessionName="pet_saml" spFriendlyName="PET91_saml" lifeTime="1800" landingPage="" nameQualifier="">
   <Attributes representation="adfs" description="" serviceName="travel_saml" nameIDFormats="EMAIL ">
      <Attribute require="false" friendlyName="E-Mail Address" name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" />
   </Attributes>
   <Info lang="en" contactEmail="atechnicalperson@usoft.com" contactName="Technical Person" contactType="technical" organisationURL="www.usoft.com" displayName="Usoft" organisationName="USoft" />
   <SigningKey pwd="p3Gl+pQ3omt+3Crp49c1qErOw+w=" type="PKCS12"> certificate value here
   </SigningKey>
</SamlSP>

Child elements

The following table describes child elements for the <SamlSP> element:

Name

Required

Description

Attributes

No

Contains a collections of attributes used in SAML assertions.

Info

No

Specifies basic information about an organization and a person responsible for SAML entity.

EncryptionKey

No

Contains security certificate used for encrypting SAML assertions

SigningKey

No

SigningKey element contains security certificate used for signing SAML assertion.

Attributes

The following table describes attributes for the <SamlSP> element:

Name

Required

Type

Description

samlVersion

Yes

String

SAML version used by Service Definer.

Service Definer supports only version 2.0, the coresponding URI value is urn:oasis:names:tc:SAML:2.0:protocol. Do not change this value.

lifeTime

Yes

Integer

The lifetime of the SAML session in seconds.

NOTE:  When using SAML authentication, the connection session expiration seconds is not used, instead this field is used as lifetime for the generated authentication cookie.

landingPage

Yes

String

An URI that is automatically visited after logging in or logging out from the Identity Provider.

sessionName

Yes

String

The name of the SAML session. This name is used as part of the authentication cookie sent to the client.

This contains the value from the Entity Name field in a SAML Configuration in Service Definer.

 

See also

Security configuration