I am trying to authenticate a Ruby on Rails app through SAML with Azure Active Directory.
In the AD settings it is only allowing HTTPS, not HTTP, URLs as the "reply URL", AKA the ACS or Assertion Consumer Service.
My question is: does the ACS URL have to be over HTTPS? If so, is there a way to develop with an app on localhost?
For this specific issue, I always use the tunnelling app https://ngrok.com/
Install and run:
ngrok http 3000
Then you can use https.
ADFS is somewhat specific and sometimes does not implement the SAMLv2 spec correctly (i.e. the IdP metadata has not been metadata schema compliant).
The ACS endpoint need not be secured on the transport layer, although SAMLv2 recommends this.
However, as you might use a so-called "frontchannel binding" (HTTP POST or HTTP redirect binding), why do you bother? The browser is doing the communication, not the app. Only if you use a "backchannel binding", like Artifact binding, does the app (acting as the SP) need to talk to the IdP (not with the ACS in this case, but the "ArtifactResolutionService").
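To make the front-channel versus back-channel distinction in the answer above concrete, here is an added example (not part of either answer, and not any library's API) that reads SP metadata and reports, per ACS endpoint, which channel its binding uses and whether the location is HTTPS. The sample metadata, the `acs_report` name and the finding labels are constructed for illustration.

```ruby
require "rexml/document"
require "uri"

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
BINDING_PREFIX = "urn:oasis:names:tc:SAML:2.0:bindings:"
FRONT_CHANNEL = %w[HTTP-POST HTTP-Redirect].freeze # the browser carries the message
LOOPBACK = %w[localhost 127.0.0.1 ::1].freeze

# Constructed sample SP metadata; the entity ID and URLs are placeholders.
SAMPLE_SP_METADATA = <<~XML
  <md:EntityDescriptor xmlns:md="#{MD_NS}" entityID="https://sp.example.test/saml">
    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <md:AssertionConsumerService index="0" Binding="#{BINDING_PREFIX}HTTP-POST"
        Location="http://localhost:3000/saml/acs"/>
      <md:AssertionConsumerService index="1" Binding="#{BINDING_PREFIX}HTTP-Artifact"
        Location="https://sp.example.test/saml/acs"/>
      <md:AssertionConsumerService index="2" Binding="#{BINDING_PREFIX}HTTP-POST"
        Location="http://sp.example.test/saml/acs"/>
    </md:SPSSODescriptor>
  </md:EntityDescriptor>
XML

# Returns one hash per ACS endpoint, in document order.
# The finding labels are this example's own policy (an assumption), not SAML terms.
def acs_report(metadata_xml)
  doc = REXML::Document.new(metadata_xml)
  REXML::XPath.match(doc, "//md:AssertionConsumerService", "md" => MD_NS).map do |acs|
    uri = URI.parse(acs.attributes["Location"])
    kind = acs.attributes["Binding"].to_s.delete_prefix(BINDING_PREFIX)
    finding =
      if uri.scheme == "https" then :ok
      elsif LOOPBACK.include?(uri.hostname) then :dev_only # stays on the developer's machine
      else :cleartext_assertion # the SAML response crosses the network unencrypted
      end
    {
      location: uri.to_s,
      binding: kind,
      # Back-channel bindings (e.g. Artifact) make the SP itself call the IdP.
      channel: FRONT_CHANNEL.include?(kind) ? :front : :back,
      finding: finding
    }
  end
end

if __FILE__ == $PROGRAM_NAME
  acs_report(SAMPLE_SP_METADATA).each { |row| puts row.inspect }
end
```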
I'm trying to implement WebSocket support with Angular+SockJs on front-end, and Spring on backend. We are using Spring Security with OAuth 2.0 token based authorization.
The spec tells us that I should pass the token via the STOMP client at connect time and use an Interceptor on the backend to provide the Principal. But I don't like this approach because I need to copy logic from the Security configuration to get the Principal from the token.
Is it possible to catch the SockJs request in an Angular Interceptor and add an Authentication header?
I have exposed my Camel project as a REST web service. http://localhost:9090/route/restservice/getQuote
How do I identify that the incoming request is SOAP or REST - if it is REST or SOAP (are there any headers to identify)?
If it is SOAP, how can I convert SOAP to REST in Camel/routes?
Thanks
I have a web api hosted on Azure having Azure AD authentication configured and running properly (all controllers have the Authorized attribute).
The front-end runs AngularJS and authentication of the http requests is implemented by using the amazing ADAL JS library (adalAuthenticationServiceProvider).
Besides the web api I also have a SignalR hub that I'd like to 'protect'. More specifically I need to call (invoke) a method of the Hub from the AngularJS client code. Basically I need to have the Context.User populated in the Hub method.
Any idea how to also authenticate a SignalR invoke under these circumstances?
You can supply the token in a query parameter as suggested in https://auth0.com/blog/2014/01/15/auth-with-socket-io/ and then process the token on your backend.
I would like to make my GAE application a Service provider using OAuth2.0. Are there any client libraries which make a GAE application a Service provider? I'm using the Scribe client library to be an OAuth consumer.