Read Me Page
Validate WCAG, Section 508, HTML, CSS, Links, and Spelling

SAML based authentication

With SAML based authentication systems the user gains access to one system (called the 'Service Provider' or 'SP' for short) by logging into a different authentication system (called the 'Identity Provider' or 'IdP' for short). So two distinct hosts are involved; the SP and the IdP. The usual process is to start on the SP you wish to access, which redirects you to the IdP to log in, which then redirects you back to the SP where you can now access the SP system.

Total Validator can work with such a system in order to validate pages on the SP system. But you need to understand the login system being used or you will have little chance of getting it to work and you will be better off using one of our browser extensions instead.

Note that Total Validator will not validate or follow any links on any pages on the IdP. It will just respond to <meta> and HTTP redirects, and look for and execute any matching forms on the pages returned. Also note that the Total Validator application does not execute any javascript. So any processing involved must not rely on javascript being executed by a user's browser.

top

How to configure Total Validator

Before you start we strongly advise that you have worked with our example form first. Although this does not use SAML it will help familiarise you with several potential pitfalls when dealing with login forms.

Total Validator only validates pages with the same hostname as the Starting page. So your Starting page must be a URL pointing to the SP system that will redirect to the IdP login page. You cannot start with the URL of the login page on the IdP. If your system doesn't have such a URL on the SP system then Total Validator cannot work.

On the Include tab you will need to specify any log off links on the SP system as you would for a normal login form. Also you should never set the Follow below, the Follow remote or the Depth options, as these will prevent the login process from working properly.

Finally, because Total Validator needs to perform special processing to deal with the redirections and forms involved you must check the SAML option on the Forms tab. You will also need to add Form details to match each of the forms involved: Because as well as the form where the user enters their login details, there is often a second form which is automatically posted.

top