ComponentSpace

Forums



Unable to sign LogoutRequest


Unable to sign LogoutRequest

Author
Message
SSODeveloper
SSODeveloper
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Forum Members
Posts: 2, Visits: 2
I'm using the certificate that comes with the product. Not sure what I'm doing wrong. I tried using SHA256 as well.

   X509Certificate2 x509Certificate = new X509Certificate2(@"D:\Projects\Sandbox\ComponentSpace SAML\ComponentSpace SAML v2.0 for .NET\Examples\SSO\HighLevelAPI\WebForms\ExampleServiceProvider\Certificates\sp.pfx", "password");

    LogoutRequest logoutRequest = new LogoutRequest();

    logoutRequest.NameID = new NameID("kmilleson");
    logoutRequest.Destination = "https://localhost/ExampleIdentityProvider/SAML/SLOService.aspx";
    logoutRequest.Issuer = new Issuer("https://localhost/ExampleServiceProvider");
    logoutRequest.IssueInstant = DateTime.UtcNow;
    logoutRequest.NotOnOrAfter = DateTime.UtcNow.AddMinutes(1);
    logoutRequest.Reason = "SP Logout";

    logoutRequest.SessionIndexes = new List<SessionIndex>();
    SessionIndex session = new SessionIndex("_" + Guid.NewGuid());
    logoutRequest.SessionIndexes.Add(session);

    SAMLMessageSignature.Generate(logoutRequest.ToXml(), x509Certificate.PrivateKey, x509Certificate, null, SAMLIdentifiers.DigestMethods.SHA1, SAMLIdentifiers.SignatureMethods.RSA_SHA1);

    // this works but is unsigned
    SingleLogoutService.SendLogoutRequestByHTTPPost(Response, "https://localhost/ExampleIdentityProvider/SAML/SLOService.aspx", (XmlElement)logoutRequest.ToXml(), null);

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
If possible, I would recommend using the SAML high-level API as it's easier to use. The example projects are under Examples\SSO\HighLevelAPI.
In your code, you need to save the converted XML to a variable.
For example:

// Serialize the logout request to XML.
XmlElement logoutRequestElement = logoutRequest.ToXml();

// Sign the logout request.
SAMLMessageSignature.Generate(logoutRequestElement, x509Certificate.PrivateKey, x509Certificate,
    null, SAMLIdentifiers.DigestMethods.SHA1, SAMLIdentifiers.SignatureMethods.RSA_SHA1);

// Send the logout request
SingleLogoutService.SendLogoutRequestByHTTPPost(Response,
    "https://localhost/ExampleIdentityProvider/SAML/SLOService.aspx",
    logoutRequestElement, null);




Regards
ComponentSpace Development
SSODeveloper
SSODeveloper
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Forum Members
Posts: 2, Visits: 2
ComponentSpace - 5/6/2017
If possible, I would recommend using the SAML high-level API as it's easier to use. The example projects are under Examples\SSO\HighLevelAPI.
In your code, you need to save the converted XML to a variable.
For example:

// Serialize the logout request to XML.
XmlElement logoutRequestElement = logoutRequest.ToXml();

// Sign the logout request.
SAMLMessageSignature.Generate(logoutRequestElement, x509Certificate.PrivateKey, x509Certificate,
    null, SAMLIdentifiers.DigestMethods.SHA1, SAMLIdentifiers.SignatureMethods.RSA_SHA1);

// Send the logout request
SingleLogoutService.SendLogoutRequestByHTTPPost(Response,
    "https://localhost/ExampleIdentityProvider/SAML/SLOService.aspx",
    logoutRequestElement, null);



Thank you very much. That solves the issue. I did not expect such a quick response!

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
You're welcome.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search