Thread: Integrate with multiple ADFSs

  1. #1
    Join Date
    Feb 2013
    Posts
    3

    Integrate with multiple ADFSs

    Is it possible to integrate with multiple IDP (ADFS) systems, instead of letting one ADFS relay to the others? How do I configure it?

    Looking at chapter 6, would the XML definition for ExtendedMetadataDelegate be something like the below?

    <bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
        <constructor-arg>
            <list>
                <bean class="org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider">
                    <constructor-arg>
                        <value type="java.io.File">classpath:security/FederationMetadata1.xml</value>
                    </constructor-arg>
                    <property name="parserPool" ref="parserPool"/>
                </bean>

                <bean class="org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider">
                    <constructor-arg>
                        <value type="java.io.File">classpath:security/FederationMetadata2.xml</value>
                    </constructor-arg>
                    <property name="parserPool" ref="parserPool"/>
                </bean>
            </list>
        </constructor-arg>
    ..... <the rest is the same>

  2. #2
    Join Date
    Feb 2009
    Location
    Helsinki
    Posts
    148

    Hi,

    It's indeed possible to configure multiple IDPs, including multiple ADFSs. First of all, you need to include metadata documents for each of the ADFS instances, just like you mention. During initialization of the SSO process it is then necessary to specify which IDP to authenticate with. The process for this is called IDP discovery and the sample application includes an example in its default settings.

    The configuration of the CachingMetadataManager bean could for example look something like this:

    Code:
    <bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
        <constructor-arg>
            <bean class="org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider">
                <constructor-arg>
                    <value type="java.io.File">classpath:security/ADFS1.xml</value>
                </constructor-arg>
                <property name="parserPool" ref="parserPool"/>
            </bean>
        </constructor-arg>
        <constructor-arg>
            <bean class="org.springframework.security.saml.metadata.ExtendedMetadata">
            </bean>
        </constructor-arg>
    </bean>
    <bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
        <constructor-arg>
            <bean class="org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider">
                <constructor-arg>
                    <value type="java.io.File">classpath:security/ADFS2.xml</value>
                </constructor-arg>
                <property name="parserPool" ref="parserPool"/>
            </bean>
        </constructor-arg>
        <constructor-arg>
            <bean class="org.springframework.security.saml.metadata.ExtendedMetadata">
            </bean>
        </constructor-arg>
    </bean>
    Cheers, Vladi

  3. #3
    Join Date
    Feb 2013
    Posts
    3

    Thanks for your prompt reply. I appreciate it.
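
Added example, not part of the original thread or of the Spring Security SAML project: each metadata file handed to an ExtendedMetadataDelegate is what the service provider will trust for that IDP, so with several ADFS instances it is worth checking before deployment that every file declares its own entityID and carries a signing certificate. The function names, the example.com-style entity IDs and the certificate bytes are constructed for illustration; in practice the documents would be read from the real ADFS1.xml and ADFS2.xml.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
NS = {"md": MD, "ds": "http://www.w3.org/2000/09/xmldsig#"}

def summarize(xml_text):
    """Return (entityID, SHA-256 fingerprints of signing certs) for one IdP file."""
    root = ET.fromstring(xml_text)
    entity = root if root.tag == f"{{{MD}}}EntityDescriptor" else root.find(".//md:EntityDescriptor", NS)
    if entity is None or entity.find("md:IDPSSODescriptor", NS) is None:
        raise ValueError("no EntityDescriptor with an IDPSSODescriptor")
    prints = []
    for kd in entity.findall("md:IDPSSODescriptor/md:KeyDescriptor", NS):
        if kd.get("use") in (None, "signing"):  # no 'use' attribute: key serves both purposes
            for cert in kd.findall(".//ds:X509Certificate", NS):
                der = base64.b64decode("".join((cert.text or "").split()))
                prints.append(hashlib.sha256(der).hexdigest())
    return entity.get("entityID"), prints

def check_idps(documents):
    """documents maps file name -> metadata XML; returns a list of problems."""
    problems, seen = [], {}
    for name, text in documents.items():
        try:
            entity_id, prints = summarize(text)
        except (ET.ParseError, ValueError) as exc:
            problems.append(f"{name}: {exc}")
            continue
        if entity_id in seen:
            problems.append(f"{name}: entityID also declared in {seen[entity_id]}")
        seen.setdefault(entity_id, name)
        if not prints:
            problems.append(f"{name}: no signing certificate")
    return problems

def sample(entity_id, cert=b""):  # constructed metadata, not a real ADFS export
    key = (f'<KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>'
           f'{base64.b64encode(cert).decode()}</ds:X509Certificate></ds:X509Data>'
           f'</ds:KeyInfo></KeyDescriptor>') if cert else ""
    return (f'<EntityDescriptor xmlns="{MD}" xmlns:ds="{NS["ds"]}" entityID="{entity_id}">'
            f'<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">'
            f'{key}</IDPSSODescriptor></EntityDescriptor>')

if __name__ == "__main__":
    docs = {"ADFS1.xml": sample("http://adfs1.example/adfs/services/trust", b"constructed-cert-1"),
            "ADFS2.xml": sample("http://adfs1.example/adfs/services/trust")}
    for problem in check_idps(docs):
        print(problem)
```

The fingerprints returned by `summarize` can be compared out of band with the token-signing certificate each ADFS administrator reports.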
