Example: SAML IdP for Cloud Authentication Service Assertion

Document created by RSA Information Design and Development on Apr 14, 2017Last modified by RSA Information Design and Development on Nov 22, 2019
Version 28Show Document
  • View in full screen mode

<?xml version="1.0" encoding="UTF-8"?>

<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="http://company-vm.local:81/saml-sp/response.do" ID="_ad254d049179ab5b03dc903c29985da6" InResponseTo="_0fd4fbcc-8e0a-4c3c-b380-b4fa3b2bf4e9" IssueInstant="2017-02-03T18:32:54.860Z" Version="2.0">

<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://company.com/saml-fe/sso</saml2:Issuer>

<saml2p:Status>

<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>

</saml2p:Status>

<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_eb78cdec36f4f99b39f30302a56662f5" IssueInstant="2017-02-03T18:32:54.860Z" Version="2.0">

<saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://company.com/saml-fe/sso</saml2:Issuer>

<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

<ds:SignedInfo>

<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>

<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>

<ds:Reference URI="#_eb78cdec36f4f99b39f30302a56662f5">

<ds:Transforms>

<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>

<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>

</ds:Transforms>

<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>

<ds:DigestValue>1xUgAjkRwqP0Cmb/kTYaCc8ZcQjoBtwLLUSHPuDi820=</ds:DigestValue>

</ds:Reference>

</ds:SignedInfo>

<ds:SignatureValue>

I332qh+nwcdgRvjOb5eaJXsJWfyTC89/bsMGLn7Lk5gk1AIcX4i/YGW2WymtmBMKpC/e7P+T37DSqWT8i2/+eQYbXPnX12DvnPViO4+AVHx0eM/o3KmA0+kaOn91QyyRADILRpoSpGljjY2dOL9GlhY6KemoDroij33BYxLr4wg5TtKEz7L98OS17Au2YuwS6Wz/Tv9vPqwM9a2gPaQJpGDmQAnHacR66cDVimLzJiPg5Op6Lz2DD6A2HFvDwA5btOWtXGT9xAoB1ZlFzBRJ+T7p6Xn/fFXI0dEsY8A5zEoihmInG00uQ5wBBAWY/c/vJp/Lwqe1e4Sy+BSDFYskbQ==

</ds:SignatureValue>

<ds:KeyInfo>

<ds:X509Data>

<ds:X509SubjectName>OU=ONE,O=SAML_SIGNING,STREET=c12f5bab0220ec523f89639a8dc9ded937ed978289d30885409db89d4852ba7f,C=company,CN=be075a80-f1c4-41cf-9c9e-c0ba53212d57</ds:X509SubjectName>

<ds:X509Certificate>MIIEIzCCAwugAwIBAgIUNCZGscafYuODoaujLvOv3zzIgUQwDQYJKoZIhvcNAQELBQAwgbExLTArBgNVBAMMJGJlMDc1YTgwLWYxYzQtNDFjZi05YzllLWMwYmE1MzIxMmQ1NzEQMA4GA1UEBhMHdm95YWdlcjFJMEcGA1UECQxAYzEyZjViYWIwMjIwZWM1MjNmODk2MzlhOGRjOWRlZDkzN2VkOTc4Mjg5ZDMwODg1NDA5ZGI4OWQ0ODUyYmE3ZjEVMBMGA1UECgwMU0FNTF9TSUdOSU5HMQwwCgYDVQQLDANPTkUwHhcNMTYwODMwMTY0MDE4WhcNMzYwODMwMTY0MDE4WjCBsTEtMCsGA1UEAwwkYmUwNzVhODAtZjFjNC00MWNmLTljOWUtYzBiYTUzMjEyZDU3MRAwDgYDVQQGEwd2b3lhZ2VyMUkwRwYDVQQJDEBjMTJmNWJhYjAyMjBlYzUyM2Y4OTYzOWE4ZGM5ZGVkOTM3ZWQ5NzgyODlkMzA4ODU0MDlkYjg5ZDQ4AQsFAAOCAQEAJIHRetoDpzkKM6GbQKcnRmMHRD2wkdJXyHSxxVpdQLUh/HEwftb96dPh79Z7uDMqXgwVD1vdwuxnGToG6upCZleFHp7L+YEh7Wjd977MiaGZ14ZJfv1+0ARQJ9tBTfi7K8cGUVPqknxkabjulWBbk57o4ekrc4EhIjkRhaE+8BR4a1mbZAr3PPbM6yZGdz0zOFGEm6hu8Xg+nkF3rb85QoCncHNL5dAH1hldCYoHZhojLvLaqdUrxQIBveIjXuj614H6U7vFFVAlLfsuTnUpP0zZ2o/RUNCNMCSa+/sGWVJj8BfbKpPE54XsCI/ncBgqH71lebdO4S2uUv+Ji0/Gag==</ds:X509Certificate>

</ds:X509Data>

</ds:KeyInfo>

</ds:Signature>

<saml2:Subject>

<saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">SubjectName</saml2:NameID>

<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">

<saml2:SubjectConfirmationData InResponseTo="_0fd4fbcc-8e0a-4c3c-b380-b4fa3b2bf4e9" NotOnOrAfter="2017-02-03T18:38:54.860Z" Recipient="http://company-vm.local:81/saml-sp/response.do"/>

</saml2:SubjectConfirmation>

</saml2:Subject>

<saml2:Conditions NotBefore="2017-02-03T18:31:54.860Z" NotOnOrAfter="2017-02-03T18:38:54.860Z">

<saml2:AudienceRestriction>

<saml2:Audience>test-sp</saml2:Audience>

</saml2:AudienceRestriction>

</saml2:Conditions>

<saml2:AuthnStatement AuthnInstant="2017-02-03T18:32:54.814Z">

<saml2:AuthnContext>

<saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml2:AuthnContextClassRef>

</saml2:AuthnContext>

</saml2:AuthnStatement>

</saml2:Assertion>

</saml2p:Response>

 

 

We want your feedback! Tell us what you think of this page.

Previous Topic:Manage Relying Parties
You are here
Table of Contents > Relying Parties > Example: SAML IdP for Cloud Authentication Service Assertion

Attachments

    Outcomes