What I have done so far is that:
I downloaded the Spring Boot SAML example from here and it is working fine. I added two REST services (Service A and Service B) into the source and they are also working fine with SAML SSO. When the user accesses a protected resource (Service A or Service B) on the SP, he is forwarded to a protected resource on the IdP. Because the user isn't logged in yet, they are redirected to a login page. After logging in, the original request is played back, the AuthnRequest/Response is done, and the user is redirected to the original secured resource (Service A or B).
What I do is that:
I run the source twice at the same time on two different ports (8080 and 9000, two different Tomcats) and Service A on port 8080 (Tomcat-1) makes a call to Service B on port 9000 (Tomcat-2). It is redirecting the request to IdP selection.
What I am trying to do is that:
When Service A on port 8080 (Tomcat-1) calls Service B on port 9000 (Tomcat-2), I want to check (in Service B, port 9000) whether the user is already authenticated at the IdP or not, and if he is authenticated, let him go.
In Service B (port 9000), how do I check that the call is made by an authenticated user?
I'm afraid this cannot be achieved by standard SAML means. SAML was not designed to protect services/APIs, but to achieve Web Single Sign-On without the use of cookies. I also doubt that the ECP profile can be used in that case, and the ECP profile is not widely implemented. However, there is https://www.rfc-editor.org/rfc/rfc7522, which allows retrieving an OAuth2 authorization code from a SAML assertion.
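The RFC 7522 exchange mentioned in the answer, as an added example that is not part of the original post or of the Spring Boot sample: Service A presents the user's SAML assertion at an OAuth 2.0 token endpoint using the `saml2-bearer` grant type, then calls Service B with the bearer token from the token response. The authorization server URL, the Service B path, the scope name, the assertion and the token value are hypothetical or constructed; an authorization server that supports this grant is assumed.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.net.http.HttpRequest;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.stream.Collectors;

public class Saml2BearerGrant {
    // Grant type URI defined by RFC 7522 for SAML 2.0 bearer assertions.
    static final String GRANT_TYPE = "urn:ietf:params:oauth:grant-type:saml2-bearer";

    // Builds the form body: the assertion XML is base64url-encoded (no padding,
    // no line wrapping) and every parameter is then form-urlencoded.
    static String formBody(String assertionXml, String scope) {
        Map<String, String> form = new LinkedHashMap<>();
        form.put("grant_type", GRANT_TYPE);
        form.put("assertion", Base64.getUrlEncoder().withoutPadding()
                .encodeToString(assertionXml.getBytes(StandardCharsets.UTF_8)));
        if (scope != null) form.put("scope", scope); // scope is optional
        return form.entrySet().stream()
                .map(e -> URLEncoder.encode(e.getKey(), StandardCharsets.UTF_8) + "="
                        + URLEncoder.encode(e.getValue(), StandardCharsets.UTF_8))
                .collect(Collectors.joining("&"));
    }

    // Service A -> authorization server: the token request carrying the assertion.
    static HttpRequest tokenRequest(URI tokenEndpoint, String assertionXml, String scope) {
        return HttpRequest.newBuilder(tokenEndpoint)
                .header("Content-Type", "application/x-www-form-urlencoded")
                .POST(HttpRequest.BodyPublishers.ofString(formBody(assertionXml, scope)))
                .build();
    }

    // Service A -> Service B: the call authenticated with the issued access token.
    static HttpRequest callServiceB(URI serviceB, String accessToken) {
        return HttpRequest.newBuilder(serviceB)
                .header("Authorization", "Bearer " + accessToken).GET().build();
    }

    public static void main(String[] args) {
        // Constructed placeholder; a real assertion is the signed XML issued by the IdP.
        String assertion = "<saml:Assertion xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"_constructed\"/>";
        URI tokenEndpoint = URI.create("https://as.example.com/oauth2/token"); // hypothetical
        System.out.println(tokenRequest(tokenEndpoint, assertion, "service-b").uri());
        System.out.println(formBody(assertion, "service-b"));
        URI serviceB = URI.create("http://localhost:9000/service-b"); // hypothetical path
        System.out.println(callServiceB(serviceB, "constructed-access-token").headers().map());
    }
}
```

The authorization server is the party that verifies the assertion's signature, audience and validity period before issuing a token; Service B only has to validate the bearer token it receives rather than take part in a browser redirect to the IdP.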