SAML 2.0 Identity Provider
Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties, which makes it a crucial building block of identity federation between organisations.
An identity provider (IdP) authenticates the user and passes signed assertions about that identity to a service provider (SP); the SP then uses those assertions to decide whether the user is authorized to use the service. In this way SAML links the authentication of a user's identity to the authorization to use a service. The commonly deployed Web Browser SSO profile relies on browser redirects and HTTP POST, so SAML is used for browser-based web applications.
For further information on SAML, read more here.
For a detailed view of the technical components used, please visit this page.
The project template
The Nevis project template SAML 2.0 Identity Provider provides a username/password login infrastructure. For demonstration purposes, the template includes an example service provider, the nevisIDM administration GUI, which supports SP-initiated login and logout.
Scenario for testing a successful deployment
Launch your Service Provider (in our example, the nevisIDM Administration GUI application) at
https://your_domain_goes_here/nevisidm/
and replace "your_domain_goes_here" with your real domain name. The first time you log in, use your "bootstrap" credentials (bootstrap/generated); you must change this password before the actual login can complete.
You land on your nevisIDM admin page. Success!
You can always observe the SAML messages exchanged during login with a SAML-tracer browser extension (screenshot: SAML-login.png).
Optionally, you can also try the logout and observe the corresponding SAML logout entries in the SAML-tracer browser extension.
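The exchange you see in the tracer is an AuthnRequest leaving the SP on the HTTP-Redirect binding (deflated, base64-encoded, URL-encoded) and a Response coming back to the SP's assertion consumer service on the HTTP-POST binding. The following is an added example, not code from the Nevis template or the nevisIDM GUI: it decodes such a request the way SAML-tracer does, then checks the fields an SP must tie back to its own request before accepting the Response. All URLs, entityIDs, message IDs and XML are constructed for illustration, and signature verification is deliberately left out (a real SP must verify the IdP's signature first).

```python
"""Decode and sanity-check an SP-initiated SAML 2.0 login exchange.
Added example, not part of the Nevis template; all URLs, entityIDs and XML are constructed."""
import base64
import zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from urllib.parse import urlencode, parse_qs

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"samlp": SAMLP, "saml": SAML}
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"
# Assumed (hypothetical) deployment values of the SP and the IdP.
SP_ENTITY_ID = "https://sp.example.test/nevisidm/saml/metadata"
SP_ACS_URL = "https://sp.example.test/nevisidm/saml/acs"
IDP_ENTITY_ID = "https://idp.example.test/saml/metadata"
IDP_SSO_URL = "https://idp.example.test/saml/sso"

# Step 1: the AuthnRequest the SP sends when it redirects the browser to the IdP.
AUTHN_REQUEST = f"""<samlp:AuthnRequest xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}"
  ID="_req123" Version="2.0" IssueInstant="2024-01-01T10:00:00Z" Destination="{IDP_SSO_URL}"
  AssertionConsumerServiceURL="{SP_ACS_URL}"
  ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST">
  <saml:Issuer>{SP_ENTITY_ID}</saml:Issuer>
</samlp:AuthnRequest>"""

def encode_redirect(xml_text):
    """HTTP-Redirect binding: raw DEFLATE, base64, URL-encode as the SAMLRequest parameter."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)  # wbits=-15: raw deflate, no zlib header
    raw = comp.compress(xml_text.encode()) + comp.flush()
    return urlencode({"SAMLRequest": base64.b64encode(raw).decode()})

def decode_redirect(query_string):
    """Reverse of encode_redirect; this is what SAML-tracer shows as the decoded request."""
    b64 = parse_qs(query_string)["SAMLRequest"][0]
    return zlib.decompress(base64.b64decode(b64), -15).decode()

def parse_authn_request(xml_text):
    """Fields of the request that the IdP, and you reading the trace, should look at."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{SAMLP}}}AuthnRequest":
        raise ValueError("not an AuthnRequest")
    return {"id": root.get("ID"), "destination": root.get("Destination"),
            "acs": root.get("AssertionConsumerServiceURL"),
            "issuer": root.findtext("saml:Issuer", namespaces=NS)}

def parse_ts(value):
    """SAML timestamps are UTC ISO-8601 with a trailing Z."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def sample_response(in_response_to="_req123"):
    """Step 2: a constructed, unsigned Response as the IdP would POST it to the SP's ACS."""
    return f"""<samlp:Response xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" ID="_resp456" Version="2.0"
  IssueInstant="2024-01-01T10:00:05Z" Destination="{SP_ACS_URL}" InResponseTo="{in_response_to}">
  <saml:Issuer>{IDP_ENTITY_ID}</saml:Issuer>
  <samlp:Status><samlp:StatusCode Value="{SUCCESS}"/></samlp:Status>
  <saml:Assertion ID="_a789" Version="2.0" IssueInstant="2024-01-01T10:00:05Z">
    <saml:Issuer>{IDP_ENTITY_ID}</saml:Issuer>
    <saml:Subject><saml:NameID>bootstrap</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData Recipient="{SP_ACS_URL}" InResponseTo="{in_response_to}"
          NotOnOrAfter="2024-01-01T10:05:00Z"/>
      </saml:SubjectConfirmation></saml:Subject>
    <saml:Conditions NotBefore="2024-01-01T09:59:00Z" NotOnOrAfter="2024-01-01T10:05:00Z">
      <saml:AudienceRestriction><saml:Audience>{SP_ENTITY_ID}</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""

def check_response(request, response_xml, now):
    """Consistency problems an SP must reject on (empty list = consistent with the request).
    Deliberately does NOT verify the XML signature: a real SP must verify the IdP's
    signature over the Response/Assertion before trusting any field checked here."""
    problems = []
    root = ET.fromstring(response_xml)
    if root.get("InResponseTo") != request["id"]:
        problems.append("InResponseTo does not match our AuthnRequest ID")
    if root.get("Destination") != SP_ACS_URL:
        problems.append("Destination is not our ACS URL")
    if root.findtext("saml:Issuer", namespaces=NS) != IDP_ENTITY_ID:
        problems.append("Issuer is not the expected IdP")
    status = root.find("samlp:Status/samlp:StatusCode", NS)
    if status is None or status.get("Value") != SUCCESS:
        problems.append("Status is not Success")
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return problems + ["Response carries no Assertion"]
    cond = assertion.find("saml:Conditions", NS)
    if cond is None or not (parse_ts(cond.get("NotBefore")) <= now < parse_ts(cond.get("NotOnOrAfter"))):
        problems.append("Assertion is outside its validity window")
    if SP_ENTITY_ID not in [a.text for a in assertion.findall(
            "saml:Conditions/saml:AudienceRestriction/saml:Audience", NS)]:
        problems.append("Audience does not name our entityID")
    scd = assertion.find("saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
    if scd is None or scd.get("Recipient") != SP_ACS_URL or scd.get("InResponseTo") != request["id"]:
        problems.append("SubjectConfirmationData Recipient/InResponseTo mismatch")
    return problems
```

To use this against a real trace, paste the query string of the redirect to the IdP into decode_redirect; a LogoutRequest on the Redirect binding decodes the same way. The Response arrives as the SAMLResponse form field of the POST to the ACS and is plain base64 (no deflate), so base64-decode it and hand the XML to check_response together with the parsed request. The reason every check ties the Response back to the request ID, the ACS URL and the SP's entityID is that an assertion which is validly signed but issued for another SP, for another request, or outside its time window must still be rejected.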
Now it is time to replace the example SP (nevisIDM Admin GUI) with your own service provider and enjoy the Nevis security experience!