UAA SAML2 Federation


Pablo Alonso Rodriguez <palonsoro@...>
 

I see.

Then, until ECP profile is implemented (someone at Daniel's link mentioned
that it is on the roadmap), the browser is a must.

Thank you very much for your answers.



2015-06-09 17:03 GMT+02:00 Sree Tummidi <stummidi(a)pivotal.io>:

Hi,
The browser interaction is a must because the actual SAML Auth with the
IDP happens via the browser. UAA implements the SAML POST profile which
involves a browser.
The code itself is generated as a one time token by the UAA after the SAML
auth is complete.

Thanks,
Sree



_______________________________________________
cf-dev mailing list
cf-dev(a)lists.cloudfoundry.org
https://lists.cloudfoundry.org/mailman/listinfo/cf-dev



Sree Tummidi
 

Hi,
The browser interaction is a must because the actual SAML Auth with the IDP happens via the browser. UAA implements the SAML POST profile which involves a browser.
The code itself is generated as a one time token by the UAA after the SAML auth is complete.

Thanks,
Sree


Sent from my iPad

On Jun 9, 2015, at 6:26 AM, Pablo Alonso Rodriguez <palonsoro(a)gmail.com> wrote:

Ok. I see.

Then, would it be possible to request a temporary access code to the UAA by means of a REST API or another more programmatic way?

What I would like to avoid is our users having to manually copy and paste a code from the browser.

Thank you very much


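Added example, not part of the thread and not UAA's own code: a minimal model of the one-time code Sree describes, issued only after the browser SAML login completes and redeemable exactly once by the CLI. The class name, the 300-second lifetime and the sample user names are assumptions made for illustration.

```python
import hashlib
import secrets
import time


class PasscodeStore:
    """Toy one-time login code store: issue after browser SSO, redeem once."""

    def __init__(self, ttl_seconds=300, clock=time.monotonic):
        self._ttl = ttl_seconds      # assumed lifetime, not a UAA setting
        self._clock = clock
        self._pending = {}           # sha256(code) -> (user, expiry)

    @staticmethod
    def _digest(code):
        # Store only a hash so a leaked table does not reveal usable codes.
        return hashlib.sha256(code.encode()).hexdigest()

    def issue(self, authenticated_user):
        # Call this only after the SAML assertion has been validated.
        code = secrets.token_urlsafe(8)
        expiry = self._clock() + self._ttl
        self._pending[self._digest(code)] = (authenticated_user, expiry)
        return code

    def redeem(self, code):
        # pop() makes the code single-use: a replayed code finds nothing.
        entry = self._pending.pop(self._digest(code), None)
        if entry is None:
            return None
        user, expiry = entry
        return user if self._clock() <= expiry else None


def demo():
    now = [0.0]                                  # controllable clock for the demo
    store = PasscodeStore(ttl_seconds=300, clock=lambda: now[0])
    code = store.issue("alice@idp.example")      # constructed sample user
    first = store.redeem(code)                   # the CLI exchanges the code
    replay = store.redeem(code)                  # second use is rejected
    stale = store.issue("bob@idp.example")
    now[0] += 301                                # let the code expire
    expired = store.redeem(stale)
    return first, replay, expired


if __name__ == "__main__":
    print(demo())
```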

Pablo Alonso Rodriguez <palonsoro@...>
 

Ok. I see.

Then, would it be possible to request a temporary access code to the UAA by
means of a REST API or another more programmatic way?

What I would like to avoid is our users having to manually copy and paste a
code from the browser.

Thank you very much

2015-06-09 13:46 GMT+02:00 Daniel Mikusa <dmikusa(a)pivotal.io>:


On Tue, Jun 9, 2015 at 4:45 AM, Pablo Alonso Rodriguez <
palonsoro(a)gmail.com> wrote:

Good morning.

Recently, we have successfully federated the UAA to an external identity
provider via SAML2.

However, we are only able to log in via cf login --sso, so that we can
get a temporary code by logging in to the IdP web page.

Is there any way to directly pass the credentials to the identity
provider from the cf cli?
I don't think so, I think that's a limitation of SAML. Check out this
thread for some more info on this.


http://cf-dev.70369.x6.nabble.com/cf-dev-UAA-SAML-and-LDAP-questions-td62.html

Dan



Thank you in advance.



Daniel Mikusa
 

On Tue, Jun 9, 2015 at 4:45 AM, Pablo Alonso Rodriguez <palonsoro(a)gmail.com>
wrote:

Good morning.

Recently, we have successfully federated the UAA to an external identity
provider via SAML2.

However, we are only able to log in via cf login --sso, so that we can get
a temporary code by logging in to the IdP web page.

Is there any way to directly pass the credentials to the identity provider
from the cf cli?
I don't think so, I think that's a limitation of SAML. Check out this
thread for some more info on this.

http://cf-dev.70369.x6.nabble.com/cf-dev-UAA-SAML-and-LDAP-questions-td62.html

Dan



Thank you in advance.



Pablo Alonso Rodriguez <palonsoro@...>
 

Good morning.

Recently, we have successfully federated the UAA to an external identity
provider via SAML2.

However, we are only able to log in via cf login --sso, so that we can get
a temporary code by logging in to the IdP web page.

Is there any way to directly pass the credentials to the identity provider
from the cf cli?

Thank you in advance.