LINE WORKS

Developers

SSO

Issue with Client Implementations to Register SP for SAML 2.0 Authentication

シャーバビック

2018.01.27既読 3147

Hi There,


We are trying to implement SAML based authentication for our customers through below link. 


https://developers.worksmobile.com/kr/document/1001006


We are able to send the SAML request and it opens Lines works login page too. However, when submitting the credentials it calls ACS url with GET method. I think as per your documentation it should be POST.


I have set ACS URL as below and same is set in devise gem with Ruby on Rails application for SAML authentication.

http://<my host name>/m_user_login/saml/auth


Can you please help.


Let me know in case more information is required.

コメント6

  • 업데이트 된 답글입니다.

    LINE WORKS 公式アカウント

    We are still in discussion about your feedback.
    Please wait for a while.

    2018.01.30

    0

  • 업데이트 된 답글입니다.

    シャーバビック 投稿者

    Can you please update us? We are planning to add this functionality and demonstrate it during our participation of an event scheduled on this Friday.

    2018.01.31

    0

  • 업데이트 된 답글입니다.

    LINE WORKS 公式アカウント

    We apologize for our delayed contact.

    Could you set the "ProtocolBinding" parameter which is in your request as "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" ?
    When you set that parameter as "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-GET",  
    ACS url has been called with GET method.

    If you already use "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-GET",
    please let us know that.

    2018.02.01

    0

  • 업데이트 된 답글입니다.

    シャーバビック 投稿者

    Hi There,

    Thanks for the response.

    We have already tried that solution but devise has the auth url implemented as POST method (POST http://localhost:3000/users/saml/auth), so even if ACS called with GET we can't make it work with devise. After changing ProtocolBinding to GET its showing 404 not found. but the same url can be accessible with POST.

    Is there any work around you are aware of?

    Devise SAML which we are using with Line SAML : https://github.com/apokalipto/devise_saml_authenticatabl

    2018.02.01

    0

  • 업데이트 된 답글입니다.

    LINE WORKS 公式アカウント

    Thank you for reporting us.
    We were very sorry.
    Currently, we supports only POST binding.

    Could you confirm whether your "ProtocolBinding" parameter exactly matches "urn: oasis: names: tc: SAML: 2.0: bindings: HTTP - POST" ?
    When the parameter does not exactly matche,  it doesn't work.

    2018.02.02

    0

  • 업데이트 된 답글입니다.

    シャーバビック 投稿者

    Thanks, it is working with protocol binding.
    We need to change
    settings.assertion_consumer_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    to
    settings.protocol_binding  = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    to make it work.

    2018.02.03

    0
前の投稿type: link 時の contentText の最大文字列長
次の投稿コンテンツフィルタリングのキーワード複数設定について
リスト

まだ、解決できませんか?
今すぐ実際に使用しているLINE WORKSユーザーに質問してみましょう。