ComponentSpace

Forums



Examples using AddSaml without Identity or EntityFramework?


Examples using AddSaml without Identity or EntityFramework?

Author
Message
BmH
BmH
New Member
New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)

Group: Forum Members
Posts: 5, Visits: 8
Our company is fairly new to both SAML and ComponentSpace. We're currently trying to set up a new .Net Core SP that does not utilize Identity or EntityFramework. The application is a model that we will use to convert our existing applications to begin utilizing SAML. We cannot use EntityFramework largely because our DB configuration does not permit the type of access needed for that technology to operate. 

Our previous model used "services.AddAuthentication(options =>   {blah });" To establish cookie authentication within the application and defined a loginpath for the users. 

We've found a similar model within ComponentSpace using "services.AddAuthentication().AddSaml(options => {blah}); " We're looking to use this same model, but haven't found any documentation or examples on this process. Specifically, how to configure DefaultAuthenthticateScheme and DefaultChallengeScheme for the Authenitcation. Is this possible?

If we're totally off base here, can you offer any pointers to documentation on setting up an SP without Identity using your product, preferably using CookieAuthentication?
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)

Group: Administrators
Posts: 2K, Visits: 4.6K
The services.AddAuthentication().AddSaml… call enables the SAML authentication handler. This is demonstrated by our MiddlewareServiceProvider. As an alternative, you don’t have to use middleware but instead can call our SAML API as demonstrated by our ExampleServiceProvider.

The two approaches are documented in our Developer Guide and Examples Guide PDFs that you’ll find in the documentation folder.

If you use the middleware approach, the SAML authentication handler will automatically login the user when the SAML response is received. It does this by calling HttpContext.SignInAsync. The first parameter to this call is the sign-in scheme to use which may be specified using the SamlAuthenticationOptions.SignInScheme property. The default scheme is “Identity.External”.

For cookie authentication, you should set this option to CookieAuthenticationDefaults.AuthenticationScheme.

I’m not sure if you’ve seen this but the following article describes cookie authentication.

https://docs.microsoft.com/en-us/aspnet/core/security/authentication/cookie?view=aspnetcore-2.2

The difference though is that the SAML authentication handler is making the call to HttpContext.SignInAsync rather than your application.

If you use the API approach instead, you would make the HttpContext.SignInAsync call directly in your code.


Regards
ComponentSpace Development
BmH
BmH
New Member
New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)

Group: Forum Members
Posts: 5, Visits: 8
ComponentSpace - 8/8/2019
The services.AddAuthentication().AddSaml… call enables the SAML authentication handler. This is demonstrated by our MiddlewareServiceProvider. As an alternative, you don’t have to use middleware but instead can call our SAML API as demonstrated by our ExampleServiceProvider.

The two approaches are documented in our Developer Guide and Examples Guide PDFs that you’ll find in the documentation folder.

If you use the middleware approach, the SAML authentication handler will automatically login the user when the SAML response is received. It does this by calling HttpContext.SignInAsync. The first parameter to this call is the sign-in scheme to use which may be specified using the SamlAuthenticationOptions.SignInScheme property. The default scheme is “Identity.External”.

For cookie authentication, you should set this option to CookieAuthenticationDefaults.AuthenticationScheme.

I’m not sure if you’ve seen this but the following article describes cookie authentication.

https://docs.microsoft.com/en-us/aspnet/core/security/authentication/cookie?view=aspnetcore-2.2

The difference though is that the SAML authentication handler is making the call to HttpContext.SignInAsync rather than your application.

If you use the API approach instead, you would make the HttpContext.SignInAsync call directly in your code.

Thanks for the response. What we were really looking for was a way to invoke the SAML library without using Identity for user management, because EntityFramework isn't something we currently utilize in our software. In the end, we simply changed the application constraints to allow the use of Identity, as you use in your examples.
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)ComponentSpace Development (2.9K reputation)

Group: Administrators
Posts: 2K, Visits: 4.6K
Thanks for the update. Just to clarify, we don't require Microsoft Identity or the Entity Framework. Our examples make use of these as they're the most common approach but the SAML API itself has no such dependencies.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Social Logins

Select a Forum....









ComponentSpace Forums


Search