Dec 6, 2013, 4:00 AM
36 Posts

Has anyone ever used SAML authentication?

  • Category: Domino Administrator
  • Platform: Windows
  • Release: 9.0.1
  • Role: Administrator,Developer,End User
  • Tags: ADFS,SAML
  • Replies: 5

On all questions asked about SAML here there is no serious response from the community or IBM.

Has anyone ever used SAML authentication with Domino 9 and MS ADFS 2.0, and if so, does it work like it should?

Dec 9, 2013, 6:14 PM
93 Posts
Yes
I've seen (and personally responded to) a number of threads involving SAML-based authentication on the forums. It looks like a couple of questions that were posted over the Thanksgiving holiday in the US fell through the cracks; I'll forward them to the relevant developers.

Thanks,

dave
Dec 16, 2013, 1:45 PM
18 Posts
some comments
From my point of view it works well as long as your clients are near by the ADFS servers, most preferrable using LAN connections.
ADFS High Availabilty is a critical point, because there is no fall back if the ADFS server is offline/not reachable, but this can be solved using ADFS farms, but we never tested it (neither IBM so far as I know).
If you think about iNotes and Notes Browser Plugin, be aware that NBP does not support SAML right now.

Although I've tried for many days, I never get WFL (iNotes with encrypted Mail support) running when the iNotes Server does not host a Vault replica.
I was always prompted for the notes id PW and after 2 weeks trying, I gave up (never tried it with 9.0.1)

If you think about client that are offline from time to time, Notes Shared Login is your friend, with all disadvantages (machine specific encryption).

As far as I know is SAML not supported in ST 9.0 as authentication method, but I am not an authorative source for that.

You have to keep in mind that you a tied to a strong AD adminstration dependency because you as a Domino Administrator have to rely on your AD administrator colleagues.
So start being nice to them, you WILL need their support.
Jan 8, 2014, 4:21 AM
36 Posts
Gave up on iNotes and SAML

The iNotes server hosts the ID Vault database.

It's still not working, customer is now planning to migrate to Exchange.

Feb 4, 2015, 1:36 PM
1 Posts
Yes i have done SAML Domino 9 and MS ADFS 2.0

Hi,

It took me lot of time to configure the setup. Now i have successfully achieved SAML authentication.

Web Federated Login is working seamlessly in my case now.