Initiated Idp-SSO example

[Itachi-Uchiha78]

Hi,

I'm trying to do a post SSO from IDP in the Initiated IDP SSO scenario. It seems isn't supported yet. Can't find the right approach to implement it, can u put in the right direction? thanks!

[oharsta]

The unsolicited response flow - e.g. IDP-initialized SSO - is indeed not implemented. You're starting point should be a new Endpoint similar to:

https://github.com/OpenConext/Mujina/blob/master/mujina-idp/src/main/java/mujina/idp/SsoController.java#L42

but with extra query / path parameters to indicate which SP should be targeted after a successful login. The underlying Spring SAML security in Mujina SP already supports this. See:

https://docs.spring.io/autorepo/docs/spring-security-saml/1.0.x/reference/html/configuration-sso.html#configuration-sso-process-idp-init

Note that the unsolicited flow is not on the Mujina roadmap, so you are kind of on your own for implementing this. However I will accept a merge request if it is backward compatible.

[Itachi-Uchiha78]

Thanks!

[pjsg]

@Itachi-Uchiha78 Did you ever implement the IdP initiated flow?

Thanks