The SAML Test Application

We provide a sample application that you can use to demonstrate SAML-based Single-Sign-On with the AS Java. The application uses the following building blocks:

SAML Test Application Services and Modules

• The applications sap.com/tc~sec~saml~app and tc~sec~saml~ssodemoapp are started.
• The SAML Service is started.
• The user that executes the set-up module has a role assignment that contains the SAMLSSODEMO_SETUP action.
  Note

  The set-up service automatically creates the users needed to demonstrate SAML-based Single Sign-On and assigns them the corresponding roles.

Each of the services or modules are responsible for the following activities:

• Source site application

  Using this application, you specify the information that to be contained in the SAML assertion for the user (user ID and the authentication method used) and the destination URL to which the user's Web browser is to be redirected. Alternatively, you can let the system derive this data from the current user session.

  Note

  For the test application, you can enter the user information manually. In a productive SAML assertion provider, this information is always determined from the security session of the source site.

• Destination site application

  This application is the requested resource at the destination site.

• Automatic set-up application

  Using this application, you can set up your AS Java for using the test application. It creates the necessary users, assigns required roles and configures the destination site's login module stacks.

• Sample mapping module

  The use of this module is deprecated. For scenarios where the AS Java uses an AS ABAP user data source, we recommend that you use the mapping functions for the AS ABAP.

For more information, see:

• Setting Up the SAML Test Application
• Using the SAML Test Application