In my previous blog Integrating SAML with Rails Application, I told you how we can integrate SAML in your application and also told you few things regarding the Service Provider and Identity Provider. So once you have a ready Identity Provider, everything is fine, but mostly the case is that it is available only once you are deploying it in staging or production. So sometimes it is very difficult to test or customize your application locally. For those reasons here I am going to tell you how we can set a local Idp server that fulfills our need of testing SAML integration:
For setting up IdP, I am using "ruby-saml-idp" gem. Integrating is really very quick. Let me show you step-by-step:
1. Add this to your Gemfile.
2. Run the bundle.
3. The gem automatically creates a controller for you and for that you need to add routes in your routes file like this:
get '/auth' => 'saml_idp#new'
post '/auth' => 'saml_idp#create'
4. You can use this '/auth' url as your idp_sso_target_url, so when the request will come here it will open an authentication form.
5. After entering some authentication details, you need to verify them at your end, so for that you can create another controller inheriting the default SamlIdp::IdpController controller, and inside that you can write this code:
class SamlIdpController < SamlIdp::IdpController
def idp_authenticate(email, password)
# Write any logic of your choice depending upon your need
## For successful return true and for unsuccessful return false
# You can create your saml response here, which will be received at the callback / assertion_consumer_service_url set in the incoming saml request
6. Thus after verifying the request a saml response is sent to the assertion_consumer_service_url, which was set in the settings of the saml request, which was made from the Service Provider.
7. You can also test the certificate fingureprints etc at this dummy IdP server.