Sample

Sample of an IdP metadata file

<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="http://aquatest-ldap/simplesaml/saml2/idp/metadata.php">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIIDyTCCArG...</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIIDyTCCArG...</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://aquatest-ldap/simplesaml/saml2/idp/SingleLogoutService.php"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://aquatest-ldap/simplesaml/saml2/idp/SSOService.php"/>
  </md:IDPSSODescriptor>
  <md:ContactPerson contactType="technical">
    <md:GivenName>SAML - Administrator</md:GivenName>
    <md:EmailAddress>admin@andagon.com</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>
 

Example of an (unencrypted) successful SAML login response sent to a given service provider

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_145fa2ed11c809e3d875e084762766d2707e0cd904" Version="2.0" IssueInstant="2017-10-19T12:22:05Z" Destination="http://localhost:54537/web/Account/saml2-acs" InResponseTo="_aab202fa-0a16-4bbe-8187-4ac5b964f482">
     <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <ds:SignedInfo>
               <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
               <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
               <ds:Reference URI="#_145fa2ed11c809e3d875e084762766d2707e0cd904">
                    <ds:Transforms>
                         <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                         <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <ds:DigestValue>PCIJShVbyCbsDyVoiWY9n4RhzJQ=</ds:DigestValue>
               </ds:Reference>
          </ds:SignedInfo>
          <ds:SignatureValue>Du7NAQRM...</ds:SignatureValue>
          <ds:KeyInfo>
               <ds:X509Data>
                    <ds:X509Certificate>MIIDyTCCArG...</ds:X509Certificate>
               </ds:X509Data>
          </ds:KeyInfo>
     </ds:Signature>
     <samlp:Status>
          <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
     </samlp:Status>
     <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_45c90d736954f45820eb5f64c0237cdeed86a93638" Version="2.0" IssueInstant="2017-10-19T12:22:05Z">
          <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
               <ds:SignedInfo>
                    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                    <ds:Reference URI="#_45c90d736954f45820eb5f64c0237cdeed86a93638">
                         <ds:Transforms>
                              <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                         </ds:Transforms>
                         <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                         <ds:DigestValue>szptwk+Kmj8ArvvwhT8Er5gCjtY=</ds:DigestValue>
                    </ds:Reference>
               </ds:SignedInfo>
               <ds:SignatureValue>SrsL9brTp...</ds:SignatureValue>
               <ds:KeyInfo>
                    <ds:X509Data>
                         <ds:X509Certificate>MIIDyTCCArG...</ds:X509Certificate>
                    </ds:X509Data>
               </ds:KeyInfo>
          </ds:Signature>
          <saml:Subject>
               <saml:NameID SPNameQualifier="aqua-saml-sp-localdev" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_48e0734664b4b39dc73f41475463171f1f1eda91c3</saml:NameID>
               <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                    <saml:SubjectConfirmationData NotOnOrAfter="2017-10-19T12:27:05Z" Recipient="http://localhost:54537/web/Account/saml2-acs" InResponseTo="_aab202fa-0a16-4bbe-8187-4ac5b964f482"/>
               </saml:SubjectConfirmation>
          </saml:Subject>
          <saml:Conditions NotBefore="2017-10-19T12:21:35Z" NotOnOrAfter="2017-10-19T12:27:05Z">
               <saml:AudienceRestriction>
                    <saml:Audience>aqua-saml-sp-localdev</saml:Audience>
               </saml:AudienceRestriction>
          </saml:Conditions>
          <saml:AuthnStatement AuthnInstant="2017-10-19T11:50:24Z" SessionNotOnOrAfter="2017-10-19T19:50:24Z" SessionIndex="_600b3c036eb001ab8c7b0f75c46bbf8be5c0f61d5e">
               <saml:AuthnContext>
                    <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
               </saml:AuthnContext>
          </saml:AuthnStatement>
          <saml:AttributeStatement>
               <saml:Attribute Name="givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
                    <saml:AttributeValue xsi:type="xs:string">andreas</saml:AttributeValue>
               </saml:Attribute>
               <saml:Attribute Name="gidNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
                    <saml:AttributeValue xsi:type="xs:string">43532</saml:AttributeValue>
               </saml:Attribute>
               <saml:Attribute Name="homeDirectory" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
                    <saml:AttributeValue xsi:type="xs:string">/home/users/mueller</saml:AttributeValue>
               </saml:Attribute>
               <saml:Attribute Name="sn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
                    <saml:AttributeValue xsi:type="xs:string">Mueller</saml:AttributeValue>
               </saml:Attribute>
               <saml:Attribute Name="objectClass" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
                    <saml:AttributeValue xsi:type="xs:string">inetOrgPerson</saml:AttributeValue>
                    <saml:AttributeValue xsi:type="xs:string">posixAccount</saml:AttributeValue>
                    <saml:AttributeValue xsi:type="xs:string">top</saml:AttributeValue>
               </saml:Attribute>
               <saml:Attribute Name="userPassword" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
                    <saml:AttributeValue xsi:type="xs:string">{MD5}jUwUUCmFoBHCN9n1gAY2rQ==</saml:AttributeValue>
               </saml:Attribute>
               <saml:Attribute Name="uidNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
                    <saml:AttributeValue xsi:type="xs:string">1001</saml:AttributeValue>
               </saml:Attribute>
               <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
                    <saml:AttributeValue xsi:type="xs:string">bmueller</saml:AttributeValue>
               </saml:Attribute>
               <saml:Attribute Name="cn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
                    <saml:AttributeValue xsi:type="xs:string">bmueller</saml:AttributeValue>
               </saml:Attribute>
          </saml:AttributeStatement>
     </saml:Assertion>
</samlp:Response>
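
Added example (not part of the original page or of aqua's own code): Python code for the non-cryptographic checks a service provider applies to a response like the one above, which also flags two things visible in that sample, the rsa-sha1 signature method and the userPassword attribute released to the service provider. SAMPLE is a constructed, reduced copy of that response, and `ts`, `in_window` and `check_response` are hypothetical names; XML signature verification is assumed to happen separately.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"
# Constructed sample: the page's response reduced to the fields checked below.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Destination="http://localhost:54537/web/Account/saml2-acs" InResponseTo="_aab202fa-0a16-4bbe-8187-4ac5b964f482">
<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
<saml:Assertion>
<ds:Signature><ds:SignedInfo><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/></ds:SignedInfo></ds:Signature>
<saml:Subject><saml:SubjectConfirmation><saml:SubjectConfirmationData NotOnOrAfter="2017-10-19T12:27:05Z" Recipient="http://localhost:54537/web/Account/saml2-acs" InResponseTo="_aab202fa-0a16-4bbe-8187-4ac5b964f482"/></saml:SubjectConfirmation></saml:Subject>
<saml:Conditions NotBefore="2017-10-19T12:21:35Z" NotOnOrAfter="2017-10-19T12:27:05Z"><saml:AudienceRestriction><saml:Audience>aqua-saml-sp-localdev</saml:Audience></saml:AudienceRestriction></saml:Conditions>
<saml:AttributeStatement><saml:Attribute Name="uid"/><saml:Attribute Name="userPassword"/></saml:AttributeStatement>
</saml:Assertion></samlp:Response>"""

def ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def in_window(el, now):
    """True if now lies within el's NotBefore/NotOnOrAfter; a missing expiry fails."""
    if el is None or el.get("NotOnOrAfter") is None:
        return False
    return ts(el.get("NotBefore", "1970-01-01T00:00:00Z")) <= now < ts(el.get("NotOnOrAfter"))

def check_response(xml_text, acs_url, sp_entity_id, request_id, now):
    """Return findings (empty list = all checks passed). Does NOT verify ds:Signature."""
    root = ET.fromstring(xml_text)
    status = root.find("samlp:Status/samlp:StatusCode", NS)
    assertions = root.findall("saml:Assertion", NS)
    checks = [(status is not None and status.get("Value") == SUCCESS, "status is not Success"),
              (root.get("Destination") == acs_url, "Destination mismatch"),
              (root.get("InResponseTo") == request_id, "Response InResponseTo mismatch"),
              (len(assertions) == 1, "expected exactly one Assertion")]
    for a in assertions:
        scd = a.find("saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
        scd_attrs = scd.attrib if scd is not None else {}
        audiences = [e.text for e in a.iterfind("saml:Conditions/saml:AudienceRestriction/saml:Audience", NS)]
        algs = [m.get("Algorithm", "") for m in a.iterfind("ds:Signature/ds:SignedInfo/ds:SignatureMethod", NS)]
        names = [x.get("Name") for x in a.iterfind("saml:AttributeStatement/saml:Attribute", NS)]
        checks += [(scd_attrs.get("Recipient") == acs_url, "Recipient mismatch"),
                   (scd_attrs.get("InResponseTo") == request_id, "assertion InResponseTo mismatch"),
                   (in_window(scd, now), "bearer confirmation expired"),
                   (in_window(a.find("saml:Conditions", NS), now), "outside Conditions validity window"),
                   (sp_entity_id in audiences, "audience does not include this SP"),
                   (not any(alg.endswith("sha1") for alg in algs), "SHA-1 signature algorithm"),
                   ("userPassword" not in names, "userPassword attribute released to SP")]
    return [msg for ok, msg in checks if not ok]
```

These checks only carry weight once the signature has been verified against the signing certificate from the IdP metadata, which is the job of a maintained SAML library rather than this code.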