Hi Nadeesha, This issuer value implies which party issues the SAML request or the response. If you look at the SAML flow, Authentation request is issued by the service provider who is requesting the authentication of an entity from the IDP. SAML Response is issued by the IDP in response to this authentication request received from SP. Hence the issuer of SAML Response is the IDP entity ID. In WSO2 Identity Server you can configure this value under Resident Identity Provider.
For more information refer the SAML2 specification[1], 2.2.5 Element <Issuer>. [1] - https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf Thanks, Pushpalanka. -- Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ Mobile: +94779716248 Blog: pushpalankajaya.blogspot.com/ | LinkedIn: lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka On Wed, Sep 30, 2015 at 11:48 AM, Nadeesha Meegoda <nadees...@wso2.com> wrote: > Hi IS team, > > I have configured a SAML SSO service provider (travelocity.com) in tenant > mode (ymc.com). My IS is running in cluster environment it's > https://mgt.is.wso2.com. When I was signing in to travelocity.com in the > SAML AuthnRequest the samlp:issuer is as follows : > > <samlp:Issuer xmlns:samlp="urn:oasis:names:tc:SAML:2.0:assertion"> > travelocity....@ymc.com</samlp:Issuer> > > However in the SAML Response to the authentication request the > saml2:issuer is as follows: > > <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" > xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" > >localhost</saml2:Issuer> > > May I know why the saml2:Issuer is localhost here? Do I need to do more > configurations to get it right? Can anyone explain please? > > I have attached the full authentication request and response with the mail. > > > Thanks > > -- > *Nadeesha Meegoda* > Software Engineer - QA > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > email : nadees...@wso2.com > mobile: +94783639540 > <%2B94%2077%202273555> > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
