On Sat, Dec 13, 2014 at 9:29 AM, Dulanja Liyanage <[email protected]> wrote: > > BTW Dinusha, why do you want to send a SAML Response through an unsecured > channel? If you must do it, then the Response must be encrypted. > Yeah Dulanja. This anyway we have to fix.
> > On Sat, Dec 13, 2014 at 9:23 AM, Dulanja Liyanage <[email protected]> > wrote: >> >> Darshana, I also thought it'd work. But a quick test revealed it doesn't. >> >> @Dinusha, according to SAML Specs we *should* allow to add multiple ACS >> URLs. But, it's a new feature. >> >> On Sat, Dec 13, 2014 at 9:11 AM, Dinusha Senanayaka <[email protected]> >> wrote: >>> >>> Thanks Darshana. Currently we don't sign the request which is generated >>> from the gateway. We could improve it configurable and give user option to >>> sign or not. But I'm not sure whether we can use this as a permanent >>> solution because, then user is always restricted to sign the request if he >>> want to expose both http/https gateway urls. Will this be a hard >>> improvement if we doing it from identity side ? What we need is capability >>> to configure multiple ACS urls in the SP. When the request comes, validate >>> ACS in the request is a one defined in SP, if so send saml response to the >>> matching ACS. >>> >>> Regards, >>> Dinusha. >>> >>> On Thu, Dec 11, 2014 at 4:32 PM, Darshana Gunawardana <[email protected] >>> > wrote: >>>> >>>> AFAIK, we don't support registering multiple ACS urls.. But IdP honour >>>> to the ACS in the authentication request, if the request is signed. >>>> >>>> On Thu, Dec 11, 2014 at 12:51 PM, Dinusha Senanayaka <[email protected]> >>>> wrote: >>>> >>>>> Hi, >>>>> >>>>> Requirement is, in App Manager, synapse gateway act as the assertion >>>>> consumer URL. It's possible to expose gateway url from http and https at >>>>> the same time which will give two access urls. So when we registering SP >>>>> for this app, we need to associate both http and https urls as assertion >>>>> consumer urls. >>>>> >>>>> Regards, >>>>> Dinusha. >>>>> >>>>> -- >>>>> Dinusha Dilrukshi >>>>> Senior Software Engineer >>>>> WSO2 Inc.: http://wso2.com/ >>>>> Mobile: +94725255071 >>>>> Blog: http://dinushasblog.blogspot.com/ >>>>> >>>> >>>> >>>> >>>> -- >>>> Regards, >>>> >>>> >>>> *Darshana Gunawardana*Software Engineer >>>> WSO2 Inc.; http://wso2.com >>>> >>>> *E-mail: [email protected] <[email protected]>* >>>> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware >>>> >>> >>> >>> -- >>> Dinusha Dilrukshi >>> Senior Software Engineer >>> WSO2 Inc.: http://wso2.com/ >>> Mobile: +94725255071 >>> Blog: http://dinushasblog.blogspot.com/ >>> >> >> >> -- >> Dulanja Liyanage >> WSO2 Inc. >> M: +94776764717 >> > > > -- > Dulanja Liyanage > WSO2 Inc. > M: +94776764717 > -- Dinusha Dilrukshi Senior Software Engineer WSO2 Inc.: http://wso2.com/ Mobile: +94725255071 Blog: http://dinushasblog.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
