
  • VMWare Horizon and Spring Security SAML app

    Hi team, has anybody successfully integrated this application with VMWare Horizon?

    I am trying to set it up but keep getting an error in Horizon when adding metadata from spring-security-saml2-sample:
    "Requested action 'getSPAttrs' failed."

    Any ideas or experience?

  • #2
    How to make your Spring application accept SAML using Spring Security

    Originally posted by Vladimir.Fedorov
    Hi team, has anybody successfully integrated this application with VMWare Horizon?

    I am trying to set it up but keep getting an error in Horizon when adding metadata from spring-security-saml2-sample:
    "Requested action 'getSPAttrs' failed."

    Any ideas or experience?

    I also found the SAML sample hard to get working, so in the end, I created my own SAML Spring Security solution. Take a look at the following post on the VMware forums.

    http://communities.vmware.com/message/2132879#2132879



    • #3
      Hi,

      Integrating Horizon has been tested and is very easy to do; below are detailed steps and some screenshots. The tested version is the trunk version of the SAML extension from 28.12.2012 and Horizon 1.5.2.885307.

      Initialize IDP metadata
      • Open Horizon as an organization admin, go to Settings -> SAML Certificate and copy the link for "Identity Provider (IdP) metadata" (e.g. http://test.rm5.local:8080/SAAS/API/...tadata/idp.xml)
      • Download the SAML extension, open saml2-sample/src/main/resources/security/securityContext.xml, find the bean "metadata" and replace the value "http://idp.ssocircle.com/idp-meta.xml" with the URL stored in the previous step
      • Compile the module with "mvn package" and deploy saml2-sample/target/spring-security-saml2-sample.war; make sure the application is available at e.g. "http://localhost:8080/spring-security-saml2-sample/"

      Initialize SP metadata
      • Back in Horizon select Applications - Add Application, and make sure to check "Sign the assertion". In the auto-discovery URL enter e.g. "http://localhost:8080/spring-security-saml2-sample/saml/metadata/alias/defaultAlias" (the system will show the warning "No attributes were found" when clicking populate attributes, but the warning can be safely ignored as metadata is not required to include any attributes). You can define your own attributes and store them with Save.
      • Provide the new application to your users, e.g. by clicking add on group entitlements and selecting "all users" with automatic deployment.
      • Log out from Horizon

      Test SSO
      • For IDP-initialized SSO, log back in to Horizon with your basic user and select the newly created application
      • For SP-initialized SSO, open the SAML extension, select the Horizon server from the list of IDPs and click login

      Hope this helps,
      Vladimír Schäfer
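Added example, not part of the thread and not code from the SAML extension or Horizon: a small Python check that can be run on the SP metadata before pasting its URL into Horizon's auto-discovery field. It reports the entity ID and assertion consumer endpoints, whether the SP asks for signed assertions, and whether any attributes are declared. The sample XML is constructed, and the link between the "No attributes were found" warning and missing `RequestedAttribute` elements is an assumption.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
NS = {"md": MD}

# Constructed sample shaped like SP metadata served at
# /saml/metadata/alias/defaultAlias; endpoint values are illustrative.
SAMPLE_SP_METADATA = """<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="http://localhost:8080/spring-security-saml2-sample/saml/metadata/alias/defaultAlias">
  <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0" isDefault="true"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="http://localhost:8080/spring-security-saml2-sample/saml/SSO"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def review_sp_metadata(xml_text):
    """Summarise what an IdP importing this SP metadata will see."""
    # Metadata has no need for a DTD; refuse it rather than expand entities.
    if "<!DOCTYPE" in xml_text:
        raise ValueError("DTD found in metadata; refusing to parse")
    root = ET.fromstring(xml_text.encode("utf-8"))
    if root.tag != "{%s}EntityDescriptor" % MD:
        raise ValueError("expected a single EntityDescriptor")
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        raise ValueError("no SPSSODescriptor: this is not SP metadata")

    acs = [e.get("Location")
           for e in sp.findall("md:AssertionConsumerService", NS)]
    # Assumption: the IdP's "populate attributes" reads these elements.
    attrs = [a.get("Name") for a in sp.findall(
        "md:AttributeConsumingService/md:RequestedAttribute", NS)]

    findings = []
    if sp.get("WantAssertionsSigned") != "true":
        findings.append("SP does not request signed assertions; "
                        "keep 'Sign the assertion' checked at the IdP")
    if not attrs:
        findings.append("no RequestedAttribute elements; "
                        "define attributes at the IdP by hand")
    findings += ["ACS endpoint uses plain HTTP: " + u
                 for u in acs if u.startswith("http://")]
    return {"entity_id": root.get("entityID"), "acs": acs,
            "requested_attributes": attrs, "findings": findings}
```

On the constructed sample this returns two findings: the missing attribute declarations and the plain-HTTP endpoint, which is acceptable on localhost but not for a deployed service provider.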


      • #4
        Thanks a lot Vladimir, all worked like a charm!
