Google Search Appliance Authentication/Authorization for Enterprise SPI Guide User Manual

Page 17

Advertising
background image

Google Search Appliance: Authentication/Authorization for Enterprise SPI Guide

17

With the base64 encoded form of the signed SAML Response:

<samlp:Response

Destination="https://gsa.yourdomain.com/security-manager/

samlassertionconsumer"

ID="t5efe6b289bd5c776d5fd9b23aa0f8da568d1dd44" IssueInstant="2010-07-

16T02:05:06Z"

Version="2.0"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<samlp:Response ID="mo1sijfykc8mwn7eu9lbzpr2va6godhx"

IssueInstant="2010-07-16T02:05:06Z" Version="2.0"
Destination="https://gsa.yourdomain.com/security-manager/
samlassertionconsumer">

<samlp:Status>

<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>

</samlp:Status>
<Assertion ID="aup1f3hnzo7gv9kwrds86abc45jxqtye"

IssueInstant="2010-07-16T02:05:06Z" Version="2.0">
<saml:Issuer>

myauthn

</saml:Issuer>
<saml:Subject>

<saml:NameID>

user1

</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">

<saml:SubjectConfirmationData

InResponseTo="_33d9a01b3dd314c6bc394c420fc0857a"
NotOnOrAfter="2010-07-16T02:05:11Z"
Recipient="https://gsa.yourdomain.com/security-manager/

samlassertionconsumer"/>

</saml:SubjectConfirmation>

</saml:Subject>
<saml:Conditions NotBefore="2010-07-16T02:05:06Z"

NotOnOrAfter="2010-07-16T02:05:11Z">
<saml:AudienceRestriction>

<saml:Audience>

http://google.com/enterprise/gsa/T2-I02BQQ2PYJSJT/security-manager

</saml:Audience>

</saml:AudienceRestriction>

</saml:Conditions>

<saml:AuthnStatement AuthnInstant="2010-07-16T02:05:06Z"

SessionIndex="aup1f3hnzo7gv9kwrds86abc45jxqtye">
<saml:AuthnContext>

<saml:AuthnContextClassRef>

urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport

</saml:AuthnContextClassRef>

</saml:AuthnContext>

</saml:AuthnStatement>

</saml:Assertion>

</samlp:Response>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

<ds:SignedInfo>

<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/

REC-xml-c14n-20010315"/>

<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/

xmldsig#rsa-sha1"/>

<ds:Reference URI="#t5efe6b289bd5c776d5fd9b23aa0f8da568d1dd44">

<ds:Transforms>

Advertising
See also other documents in the category Google Software: