 

SAML Client implementation for Android?

Is there a sample application which I can refer to for SAML interactions on Android? Anyone successfully ported/used OpenSAML on Android?

I am trying to write a simple app which would (instead of browser redirection) use native APIs to carry out SAML authentication.

Also, some pointers to a test environment where I can test SAML clients would help.

VishJ asked Aug 13 '12 06:08



1 Answer

If you need to authenticate your mobile app users against a SAML 2.0 IDP, then you would NOT build this into Android (or iOS). Best practice would be to have your mobile app use OAuthv2 and exchange a SAML Response generated by the IDP for your local SP/AS OAuth token. Essentially, the application would launch the WebView browser w/in your application to carry out the SAML Web SSO profile which would result in your AS giving your mobile app an OAuth token. It's not required to use OAuth in this type of scenario, but it will add security & standard support to your mobile application.

Ping Identity [Note: I do work for Ping] has done a ton of work to make SAML/OAuth quick and easy for SaaS Providers to implement (over 250 SaaS Providers and growing). Check out https://www.pingidentity.com/products/pingfederate/secure-mobile-access.cfm

HTH =- Ian

Ian answered Oct 25 '22 16:10
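The last step of the flow described in the answer, as an added example that is not part of the original answer or of any vendor's code: once the in-app Web SSO completes, the app has to recognize the authorization server's final redirect and check it before trusting anything in it. It assumes the AS returns an authorization code and the `state` value to a callback URI registered by the app; the scheme, host and class name are hypothetical. It is plain Java (10+) so it runs off-device; on Android `handle()` would be called from `WebViewClient.shouldOverrideUrlLoading`.

```java
import java.net.URI;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

public class SsoCallbackHandler {
    // Assumed callback URI registered with the authorization server (hypothetical values).
    private static final String SCHEME = "com.example.app", HOST = "callback";
    private final String expectedState; // sent as "state" when the login flow starts

    public SsoCallbackHandler() {
        byte[] raw = new byte[32];
        new SecureRandom().nextBytes(raw);
        expectedState = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }
    public String state() { return expectedState; }

    /** Returns the authorization code, or null when the URL is not our callback. */
    public String handle(String url) {
        URI uri;
        try { uri = URI.create(url); } catch (IllegalArgumentException e) { return null; }
        if (!SCHEME.equals(uri.getScheme()) || !HOST.equals(uri.getHost())) {
            return null; // IdP or AS page: let the WebView keep loading it
        }
        Map<String, String> params = new HashMap<>();
        String query = uri.getRawQuery() == null ? "" : uri.getRawQuery();
        for (String pair : query.split("&")) {
            int eq = pair.indexOf('=');
            if (eq > 0) params.put(pair.substring(0, eq),
                    URLDecoder.decode(pair.substring(eq + 1), StandardCharsets.UTF_8));
        }
        byte[] got = params.getOrDefault("state", "").getBytes(StandardCharsets.UTF_8);
        // Constant-time compare; a mismatch means the response is not for this login attempt.
        if (!MessageDigest.isEqual(got, expectedState.getBytes(StandardCharsets.UTF_8))) throw new SecurityException("state mismatch");
        String code = params.get("code");
        if (code == null || code.isEmpty()) throw new SecurityException("no code: " + params.get("error"));
        return code; // next step: redeem the code at the AS token endpoint over TLS
    }

    public static void main(String[] args) { // constructed sample URLs
        SsoCallbackHandler h = new SsoCallbackHandler();
        System.out.println(h.handle("https://idp.example.com/sso?SAMLRequest=x"));
        System.out.println(h.handle("com.example.app://callback?code=abc123&state=" + h.state()));
    }
}
```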