Hi!
We are using ADFS as the SAML IdP for our applications. For some reason we need ADFS to reply using a redirect binding, not a post binding.
We have set picketlink.xml like this:
<PicketLinkSP xmlns="urn:picketlink:identity-federation:config:2.1" BindingType="REDIRECT">
This has caused our application to use redirect when it calls the IdP but has not changed the binding element in the request. The SAML request looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
AssertionConsumerServiceURL="application url"
Destination="adfs url" ForceAuthn="false"
ID="_1499958212546_eaa8b869b80e78aaf86d5be01395f502" IsPassive="false"
IssueInstant="2017-07-13T15:03:32.546Z"
ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0"
xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">sp id</saml2:Issuer>
<saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</saml2p:AuthnRequest>
And we would like the ProtocolBinding to be like this:
ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-REDIRECT" Version="2.0"
How can we achieve this?
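
To confirm what the SP really puts on the wire, the following added example (not part of the original post and not PicketLink code) decodes the SAMLRequest parameter of an HTTP-Redirect binding URL and reads the ProtocolBinding attribute from the AuthnRequest inside it. The URLs, the request ID and the function names are constructed placeholders.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, quote, urlparse

SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"
MAX_XML_BYTES = 64 * 1024  # cap on inflated size, guards against decompression bombs

# Constructed sample modelled on the request in the post; URLs are placeholders.
SAMPLE_REQUEST = (
    '<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" '
    'AssertionConsumerServiceURL="https://sp.example.test/acs" '
    'Destination="https://idp.example.test/adfs/ls/" '
    'ID="_constructed_id" IssueInstant="2017-07-13T15:03:32.546Z" '
    'ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" '
    'Version="2.0"/>'
)


def encode_redirect(xml_text):
    """Encode as the HTTP-Redirect binding does: raw DEFLATE, base64, URL-encode."""
    comp = zlib.compressobj(wbits=-15)  # negative wbits = raw DEFLATE, no header
    deflated = comp.compress(xml_text.encode("utf-8")) + comp.flush()
    return quote(base64.b64encode(deflated).decode("ascii"), safe="")


def decode_redirect(url):
    """Recover the request XML from the SAMLRequest parameter of a redirect URL."""
    params = parse_qs(urlparse(url).query)
    if "SAMLRequest" not in params:
        raise ValueError("no SAMLRequest parameter in URL")
    raw = base64.b64decode(params["SAMLRequest"][0], validate=True)
    inflater = zlib.decompressobj(wbits=-15)
    xml_bytes = inflater.decompress(raw, MAX_XML_BYTES)
    if inflater.unconsumed_tail:
        raise ValueError("inflated request exceeds size cap")
    return xml_bytes.decode("utf-8")


def response_binding_requested(url):
    """Return the ProtocolBinding and ACS URL the SP put in its AuthnRequest."""
    root = ET.fromstring(decode_redirect(url))
    if root.tag != "{%s}AuthnRequest" % SAMLP_NS:
        raise ValueError("not an AuthnRequest: " + root.tag)
    return {"ProtocolBinding": root.get("ProtocolBinding"),
            "AssertionConsumerServiceURL": root.get("AssertionConsumerServiceURL")}


if __name__ == "__main__":
    url = "https://idp.example.test/adfs/ls/?SAMLRequest=" + encode_redirect(SAMPLE_REQUEST)
    print(response_binding_requested(url))
```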