Thursday, October 11, 2012

1-2-3 : See what is in a SAML response



1. Download and install Fiddler 2 from http://www.fiddler2.com/fiddler2/version.asp and activate HTTPS inspection (HTTPS inspection can break the communication for some services when it is activated, e.g. Outlook using RPC over HTTP)

2. Download XML Notepad from here http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=7973


3. Start Fiddler, hit F8 to see the Inspectors

4. Log on to your SaaS application

5. Go back to Fiddler. Click on the first entry in Web Sessions that hits the SaaS vendor, then click on Inspectors and RAW on the right-hand side. Copy the SAMLResponse from the RAW tab to https://rnd.feide.no/simplesaml/module.php/saml2debug/debug.php and click on "Decode"

6. Copy the decoded SAMLResponse to the clipboard.

7. Open XML Notepad and hit CTRL-V.
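
Steps 5 and 6 can also be done locally, so the response (which carries the user's identity and attributes) never leaves the machine. The following Python is an added example, not part of the original post; the function names and the sample response are constructed for illustration. It also handles the DEFLATE-compressed form used by the HTTP-Redirect binding, which goes beyond the POST case the steps describe.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, unquote, urlencode

SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"

# Constructed sample, not captured traffic: a minimal response, encoded as a form body.
SAMPLE_XML = (
    b'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    b"<saml:Issuer>https://idp.example.test</saml:Issuer><saml:Assertion>"
    b"<saml:Subject><saml:NameID>alice@example.test</saml:NameID></saml:Subject>"
    b'<saml:AttributeStatement><saml:Attribute Name="role">'
    b"<saml:AttributeValue>admin</saml:AttributeValue></saml:Attribute>"
    b"</saml:AttributeStatement></saml:Assertion></samlp:Response>"
)
SAMPLE_BODY = urlencode({"SAMLResponse": base64.b64encode(SAMPLE_XML).decode(),
                         "RelayState": "xyz"})


def decode_saml_response(raw):
    """Return the SAML XML (bytes) from text copied out of Fiddler's RAW tab."""
    body = raw.strip().splitlines()[-1]          # form body is the last line
    if "SAMLResponse=" in body:
        # parse_qs undoes %xx encoding; an unencoded '+' comes back as a space.
        value = parse_qs(body)["SAMLResponse"][0].replace(" ", "+")
    else:
        value = unquote(body)                    # only the value was copied
    xml = base64.b64decode(value)
    if not xml.lstrip().startswith(b"<"):
        xml = zlib.decompress(xml, -15)          # HTTP-Redirect binding: raw DEFLATE
    if b"<!DOCTYPE" in xml:
        raise ValueError("DOCTYPE in SAML message")  # SAML carries no DTD
    return xml


def summarize(xml):
    """Issuer, subject and attributes: the fields usually checked first."""
    root = ET.fromstring(xml)
    text = lambda tag: getattr(root.find(f".//{SAML}{tag}"), "text", None)
    attrs = {a.get("Name"): [v.text for v in a.findall(f"{SAML}AttributeValue")]
             for a in root.iter(f"{SAML}Attribute")}
    return {"issuer": text("Issuer"), "name_id": text("NameID"), "attributes": attrs}


if __name__ == "__main__":
    xml = decode_saml_response(SAMPLE_BODY)
    print(xml.decode())
    print(summarize(xml))
```

The printed XML can be pasted into XML Notepad as in step 7.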



