[Satosa-dev] Front end support for the HTTP-POST binding

Ivan Kanakarakis ivan at grnet.gr
Thu Sep 7 16:46:36 CEST 2017

Hi Matthew,

The different frontends are configured as their underlying
implementation allows. The SAML frontend is based on pysaml2 [0], so
you should be looking there for the appropriate setting.

In this case you should probably look at the 'preferred_binding'
configuration option. Documentation provided here[1] until it is
merged in the main repository.

[0]: https://github.com/rohe/pysaml2
[1]: https://github.com/c00kiemon5ter/pysaml2/blob/6a7c7fac081d1b380e75f69ce43299a2ae301225/doc/howto/config.rst#preferred-binding


On 7 September 2017 at 17:32, Matthew X. Economou <xenophon at irtnog.org> wrote:
> Dear all,
> Does the SATOSA front end support HTTP-POST bindings?  It isn't clear
> from the code or documentation whether a HTTP-POST binding is supported
> by the front end---or if it is, how to configure it.
> I want to integrate Tableau with our VO, but it's throwing the following
> error:
> HTTP Status 500 -
> org.opensaml.saml2.metadata.provider.MetadataProviderException: User
> specified binding is not supported by the Identity Provider using
> profile urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser
> The IdP metadata for SATOSA includes a HTTP-Redirect binding:
> <SingleSignOnService
>   Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
>   Location="https://satosa/Saml2/sso/redirect"/>
> According to this support forum thread, the solution is to specify a
> HTTP-POST binding:
> https://community.tableau.com/thread/145569
> Best wishes,
> Matthew
> --
> "The lyf so short, the craft so longe to lerne."
> _______________________________________________
> Satosa-dev mailing list
> Satosa-dev at lists.sunet.se
> https://lists.sunet.se/listinfo/satosa-dev

Ivan Kanakarakis

More information about the Satosa-dev mailing list