SAML v2.0 Messaging Test Site for login
The aim of this site is to provide integrators with a sandbox environment to component test the sending of a SAML v2.0 AuthnRequest to, and receiving a SAML v2.0 response from, the RealMe login service. Specifically, the website provides:
- validation of SAML v2.0 metadata elements for RealMe login service
- the ability to receive a SAML v2.0 AuthnRequest and validate the message content
- the generation of a successful SAML v2.0 response
- the generation of a non-successful SAML v2.0 response.
The RealMe developers website describes the sending of SAML v2.0 messages to and from the RealMe login service. The SAML v2.0 messaging is designed to adhere to the base OASIS SAML v2.0 specification. In doing so, it aims to cater for a broad range of SAML v2.0 compliant products.
Messages from the SP to the RealMe login service
The Messaging Test Site accepts messages entered as either:
- developer input via a form - this allows for interim diagnosis results to be displayed and optional continuation via manual entry of a FLT and selection of a SAML v2.0 response
- parameters to a Messaging Test Site URL - this allows the automation of message validation and continuation to a SAML v2.0 response.
After a successful validation of the AuthnRequest, the Messaging Test Site provides an optional continuation to provide a SAML v2.0 response. This redirects the browser to your SAML v2.0 SP product. For POST binding, the SP then needs to decode the response to consume the RealMe FLT. In your live implementation, it is the responsibility of your SP to record any failure and any error response and present it for fault analysis.
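The decode-and-record step described above, as an added example that is not RealMe or MTS code: it decodes a POST-binding SAMLResponse form value, collects the status codes for fault analysis, and reads the subject NameID on success. It assumes the FLT is carried in the NameID of an unencrypted assertion; the sample responses are constructed and unsigned, and signature validation is left to your SAML product.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
STATUS = "urn:oasis:names:tc:SAML:2.0:status:"


def triage_saml_response(form_value):
    """Summarise a POST-binding SAMLResponse value for fault analysis."""
    # Diagnostic only: no signature or condition checks are performed here.
    # Some senders wrap the base64 text, so drop whitespace before strict decoding.
    xml_bytes = base64.b64decode("".join(form_value.split()), validate=True)
    # A SAML message never needs a DTD; refuse one rather than expand entities.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD found in SAML response")
    root = ET.fromstring(xml_bytes)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("not a samlp:Response: %s" % root.tag)
    # Top-level StatusCode comes first; any nested second-level code follows it.
    codes = [c.get("Value") for c in root.iterfind("samlp:Status//samlp:StatusCode", NS)]
    summary = {
        "in_response_to": root.get("InResponseTo"),
        "status_codes": codes,
        "status_message": root.findtext("samlp:Status/samlp:StatusMessage", "", NS),
        "success": codes[:1] == [STATUS + "Success"],
        "name_id": None,
    }
    if summary["success"]:
        # Assumption: the FLT is the NameID of the (unencrypted) assertion subject.
        summary["name_id"] = root.findtext("saml:Assertion/saml:Subject/saml:NameID", None, NS)
    return summary


def _sample(status_xml, assertion_xml=""):
    """Build a constructed, unsigned response for the samples below."""
    doc = ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s" ID="_r1" Version="2.0" '
           'InResponseTo="_req1"><samlp:Status>%s</samlp:Status>%s</samlp:Response>'
           % (NS["samlp"], NS["saml"], status_xml, assertion_xml))
    return base64.b64encode(doc.encode()).decode()


# Constructed samples: placeholder FLT and request ID, not real MTS output.
OK_RESPONSE = _sample('<samlp:StatusCode Value="%sSuccess"/>' % STATUS,
    '<saml:Assertion><saml:Subject><saml:NameID>EXAMPLE-FLT-0001</saml:NameID></saml:Subject></saml:Assertion>')
FAILED_RESPONSE = _sample('<samlp:StatusCode Value="%sResponder"><samlp:StatusCode Value="%sAuthnFailed"/>'
    '</samlp:StatusCode><samlp:StatusMessage>constructed failure</samlp:StatusMessage>' % (STATUS, STATUS))
```

Logging `status_codes` and `in_response_to` for every non-successful response gives the fault-analysis record the paragraph above asks the SP to keep.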
Core MTS integration steps
- Obtain the self-signed SP and IdP certificates from the MTS zip file bundle, which you can download here. Full RealMe login service integration requires CA certificate purchase.
- Import the RealMe login service SAML v2.0 metadata file from the bundle and create an association with the RealMe login service MTS.
- Export the SP SAML v2.0 metadata file from your SAML v2.0 component or provide a file based on the sample in the MTS zip file bundle. You will need to formulate a RealMe compliant entityID for your service.
- Configure the entityID, upload the SP metadata, and start testing the message exchange.