I am asking here because I read that the Spring Security SAML Extension supports the ECP profile but I cannot find much information about the necessary information. I am using OpenAM as Identity Provider and set up the spring-security-saml2-sample as a service provider.
Now, when I send an HTTP request to my SP like:

    GET /spring-security-saml2-sample/initializeECP HTTP/1.1
    PAOS: ver='urn:liberty:paos:2003-08'; 'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'

I do not receive a SOAP message as expected, but rather an HTTP 301 redirect to the IdP login page. When I add

    <property name="binding" value="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"/>

to the WebSSOProfileOptions I get an Exception:

    org.opensaml.saml2.metadata.provider.MetadataProviderException: User specified binding is not supported by the Identity Provider using profile urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser

What am I doing wrong? Do I need to enable the ECP profile for the SP implementation somewhere? I was not able to find any information on this topic either in the documentation or elsewhere online.
I can provide my settings files later if necessary. For the moment I do not want to produce so much noise.
I hope you can help me. Thanks in advance.