Security Assertion Markup Language (SAML, pronounced sam-el) is an XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is a product of the OASIS Security Services Technical Committee. SAML dates from 2001; the most recent major update of SAML was published in 2005, but protocol enhancements have steadily been added through additional, optional standards.
Here is an example of implementing SAML SSO in a Rails application using 'ruby-saml':
1. Install the gem:
gem install 'ruby-saml', or write gem 'ruby-saml' in your app's Gemfile.
2. Create a controller named 'saml'.
3. Configure settings:
3.a Create a yml file at app/config/saml_settings.yml.
3.b Add the following code inside the yml file:
    idp:
      sso_target_url: idp_provider's_saml_auth_path
      slo_target_url: idp_provider's_saml_logout_path
    sp:
      assertion_consumer_service_url: Service_providers_consume_path
      issuer: service_provider's_path
      assertion_consumer_logout_service_url: service_provider's_saml_logout_path
4. Load all SAML settings in your saml_controller.
5. Send the login request to the IdP:
    def init
      # Build an AuthnRequest and redirect the browser to the IdP's SSO URL.
      request = OneLogin::RubySaml::Authrequest.new
      redirect_to(request.create(saml_settings))
    end
6. Handle the IdP response for login:
    def consume
      response = OneLogin::RubySaml::Response.new(params[:SAMLResponse])
      response.settings = saml_settings
      # Trust name_id only after the response validates against our settings.
      if response.is_valid? && (user = User.find_or_create_by(email: response.name_id))
        session[:user_id] = user.id
        redirect_to root_url
      else
        redirect_to login_path
      end
    end
The above example implements single sign-on in a Rails app.
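Step 4 is described above without code. One way to do it, as an added example that is not part of the original post: a loader that maps the YAML's idp and sp sections onto ruby-saml Settings attribute names and refuses to start when a value is missing or an endpoint is not HTTPS. Assumptions: the helper name load_saml_attributes, the extra cert_fingerprint key (the response signature is checked against the IdP certificate or its fingerprint), the example.test hosts, and the ruby-saml 1.x attribute names.

```ruby
require 'yaml'
require 'uri'

# Constructed sample in the page's idp/sp layout; the hosts and the
# cert_fingerprint key are assumptions added for this example.
SAMPLE_YAML = <<~YML
  idp:
    sso_target_url: https://idp.example.test/saml/auth
    slo_target_url: https://idp.example.test/saml/logout
    cert_fingerprint: "AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD"
  sp:
    assertion_consumer_service_url: https://app.example.test/saml/consume
    issuer: https://app.example.test/saml/metadata
    assertion_consumer_logout_service_url: https://app.example.test/saml/logout
YML

# YAML key path => ruby-saml 1.x Settings attribute (assumed gem version).
ATTRIBUTE_MAP = {
  %w[idp sso_target_url] => :idp_sso_target_url,
  %w[idp slo_target_url] => :idp_slo_target_url,
  %w[idp cert_fingerprint] => :idp_cert_fingerprint,
  %w[sp assertion_consumer_service_url] => :assertion_consumer_service_url,
  %w[sp issuer] => :issuer,
  %w[sp assertion_consumer_logout_service_url] => :assertion_consumer_logout_service_url
}.freeze

# The issuer is an entity ID, not an endpoint, so it is not URL-checked.
URL_ATTRIBUTES = ATTRIBUTE_MAP.values - %i[idp_cert_fingerprint issuer]

# Hypothetical helper: returns a hash of Settings attributes, or raises so the
# app fails at boot instead of running SSO with an unusable configuration.
def load_saml_attributes(yaml_text)
  config = YAML.safe_load(yaml_text) || {}
  attrs = ATTRIBUTE_MAP.map { |path, name| [name, config.dig(*path).to_s.strip] }.to_h

  missing = attrs.select { |_, value| value.empty? }.keys
  raise ArgumentError, "missing SAML settings: #{missing.join(', ')}" if missing.any?

  URL_ATTRIBUTES.each do |name|
    scheme = URI.parse(attrs[name]).scheme rescue nil
    raise ArgumentError, "#{name} must be an https URL" unless scheme == 'https'
  end
  attrs
end

# In the controller (with the gem loaded), step 4 becomes:
#   def saml_settings
#     yaml = File.read(Rails.root.join('app/config/saml_settings.yml'))
#     OneLogin::RubySaml::Settings.new(load_saml_attributes(yaml))
#   end
```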