-
Notifications
You must be signed in to change notification settings - Fork 144
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Understanding the use of /saml2/metadata #346
Comments
To enable a sp to request an authentication to an idp the RP have to save the idp metadata in its metadata storie (you have configured a local folder, so download the idp metadata and Place It in that folder) Then the idp have to save the RP metadata Once you've done this and if both metadata are valid and also their urls reachable over internet you'll be able to start your First authentication Welcome to the saml2 world |
thank you for the explanations, and I take the opportunity to ask you a question, you see I added the groups in the SAML response and my question is there a way to fetch this groups and after authentication of the user, the user get the group attribute to it automatically in django database. If you any idea that will point me in the right direction. Thanks. |
you can inherit class AssertionConsumerServiceView and overload this method djangosaml2/djangosaml2/views.py Line 601 in 16bb169
then you just have to point to your class in your project urls.py related to |
feel free to push your contribution in the documentation with a PR to help other developers to get a better understanding of the internal API |
Sorry, I'm sure you explained it well but I don't follow, do you have a concrete example? |
In the current documentation we may have a section related to your use case and how you implemented it, few lines of text that points to the inheritance of the method |
Hello,
I'm manage to integrate SAML authentication in my Django 3.2 application using the package Djangosaml2 and Pysaml2 with Azure as IdP provider.
In Azure I created a SAML application with these url :
my entityid : https://company.website.com/
assertion consumer service : https://company.website.com/saml/acs/
this is my login and logout redirection url : https://login.microsoftonline.com/***-***-***6c/saml2
my Azure identifier : https://sts.windows.net/***-***-***/ present in my remote metadata.
With this configuration my authentication works very well, I can login through https://company.website.com/saml/login/ and logout with https://company.website.com/saml/logout/
But what I don't understand is what the use of the metadata present in my url https://company.website.com/saml/metatdata
and this url https://company.website.com/saml/ls/ ?
In the doc it's says that :
you need to send the entity id and the metadata of this new SP to the IdP administrators so they can add it to their list of trusted services.
If someone can explain it to me that would be very helpfull. Thanks in advance
The text was updated successfully, but these errors were encountered: