How can we on ABAP 7.40 system authenticate a SAML assertion with X.509 payload.
The root certificate can be loaded as per x.509 log on scenarios.
X.509 ticket use with users managing personal key store is not an option.
SAML2 IP initiated SSO2 has been approved. And is used with other software vendors at the site. Eg Salesforce
I can only find SAP documentation such as
and
http://help.sap.com/saphelp_nw70ehp2/helpdata/en/46/631b92250b4fc1855686b4ce0f2f33/content.htm
which are different scenarios
SAP is not the SAML2 ID provider.
The SAML2 provider is an initiator as per SAML 1.1. But SAML2 is no used.
We want to use the scenario IP initiation SSO via SAML2.
See section 5.1.4 of the SAML standard
https://www.oasis-open.org/committees/download.php/27819/sstc-saml-tech-overview-2.0-cd-02.pdf
This is a valid and documented STANDARD.
How to in SAP 7.40 ABAP. ?
sample
saml:Assertion ID="Assertion-uuida5f692cd-0140-128b-92fa-fb8c3748ef02" IssueInstant="2013-08-22T12:18:54Z" Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> etc