Thank you ! On Fri, Sep 28, 2018 at 12:35 PM Isura Karunaratne <is...@wso2.com> wrote:
> > > On Fri, Sep 28, 2018 at 12:16 PM Winma Heenatigala <wi...@wso2.com> wrote: > >> Hi all, >> >> I am working on my project to implement SAML ECP(Enhanced Client or >> proxy) profile for WSO2 Identity Server. >> >> In contrast to the SAML Web based SSO, SAML ECP profile is related to >> browserless clients. The following diagram shows how the message flow >> happens. >> >> >> >> >> For testing purposes I needed an ECP enabled Service Provider and a >> client. For that, I used Shibboleth SP and a Simple Bash client[1] provided >> by Shibboleth. >> >> I created a new Servlet called SAMLECPProviderServlet to capture the SOAP >> bound SAML authentication request sent by the Enhanced Client. The basic >> auth credentials (username and password) were sent by the client to the IDP >> in the HTTP request authorization header. Using a request wrapper, basic >> auth credentials were set to the sectoken parameter, the saml request was >> extracted from the soap envelope and forwarded the new request to the >> SAMLSSOProviderServlet. Then the request could process in the way that the >> Request Path Authenticator works. Inside the SAMLSSOServlet, for the >> requests from the ECP clients, a separate response was created where the >> saml response was enclosed in a soap envelope. >> >> Since the client is browserless there is an issue in providing user >> consents. I am looking for a way that our identity server can use to get >> consents from the users without using the browser. (using the bash >> client).Your valued suggestions are highly appreciated. >> > > IMO, We have to do the consent management from the application side. Since > the ECP client is not browser based, there is no way to handle the consents > from the Identity Server at the moment. > > Thanks > Isura. > > >> Thank you! >> >> -- >> >> *Winma Heenatigala* >> *Trainee Software Engineer | WSO2* >> >> *Mobile : +94719132444* >> >> >> >> > > -- > > *Isura Dilhara Karunaratne* > Associate Technical Lead | WSO2 <http://wso2.com/> > *lean.enterprise.middleware* > Email: is...@wso2.com > Mob : +94 772 254 810 > Blog : http://isurad.blogspot.com/ > > > > -- *Winma Heenatigala* *Trainee Software Engineer | WSO2* *Mobile : +94719132444*
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev