ComponentSpace

Forums



Using ComponentSpace SAML with ServiceStack


Using ComponentSpace SAML with ServiceStack

Author
Message
scotru
scotru
New Member
New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)

Group: Forum Members
Posts: 6, Visits: 19
Greetings,

I'm basically having the same question as https://www.componentspace.com/Forums/1424/Using-SAML-20-library-in-a-selfhosted-ServiceStack-application, but now using the .NET Core version.  How to use the high level ComponentSpace API with a self-hosted ServiceStack .NET Core application?  I am trying to implement a ServiceStack Auth provider that supports SAML (similar to https://github.com/americansystems/servicestack-auth-saml/blob/master/ServiceStack.Auth.Saml/SamlAuthProvider.cs)  But I'd like it to be based on the commercially supported ComponentSpace libraries.  It seems like ReceiveSsoAsync and InitiateSsoAsync are too high level to be called from my ServiceStack "Authenticate" function which has already parsed the request into a POCO. I don't know much about the inner workings of .NET Core's request pipeline.  Can anyone point me in the right direction here?  Is it possible to use ComponentSpace SAML libraries with a self-hosted ServiceStack .NET Core application?

Thanks!



ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
You have a few options.
The first is to replace the current implementation of the IHttpRequest and IHttpResponse interfaces that are defined under the ComponentSpace.Saml2.Bindings namespace. Your implementation would be based off accessing the equivalent HTTP request and response objects in ServiceStack and you would register these at application startup. For example, if your implementation classes were ServiceStackHttpRequest and ServiceStackHttpResponse, your code would be:


services.TryAddTransient<IHttpRequest, ServiceStackHttpRequest>();
services.TryAddTransient<IHttpResponse, ServiceStackHttpResponse>();


This approach would be best depending on how feasible it is to implement these interfaces and whether or not it fits into the ServiceStack model. 

The second option is to not use the ISamlIdentityProvider or ISamlServiceProvider interfaces normally used when supporting SAML SSO.
Instead, you would call the low-level APIs. Classes for manipulating SAML protocol messages and SAML assertions are under the ComponentSpace.Saml2.Protocols and  ComponentSpace.Saml2.Assertions namespaces respectively. This would require more application code but provides the greatest flexibility.
This approach is closer to the code in the SamlAuthProvider.cs link you sent.

The third option is to use our SAML authentication handler middleware. However, I'm not sure if ASP.NET Core authentication handlers are supported in ServiceStack.

Regards
ComponentSpace Development
scotru
scotru
New Member
New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)

Group: Forum Members
Posts: 6, Visits: 19
ComponentSpace - 6/11/2019
The third option is to use our SAML authentication handler middleware. However, I'm not sure if ASP.NET Core authentication handlers are supported in ServiceStack.

I'm exploring the Middleware option further.  Does your Middleware have a depedency on Microsoft .NET Core Identity or can it be used independently?  

--Rudy


ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
It calls HttpContext.SignInAsync to log the user in once the SAML response is received and processed.
The sign-in scheme is configurable through the SAML authentication options.

Regards
ComponentSpace Development
scotru
scotru
New Member
New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)

Group: Forum Members
Posts: 6, Visits: 19
The new approach we are looking at for our application is going to be to add an IdentityServer4 dependency and use it as a service provider and use ComponentSpace as an external provider for IdentityServer4.  Then IdentityServer4 will issue JWTs for use with ServiceStack.  This will also provide some other advantages by decentralizing authentication.  However, I've run into a new problem here with the integration regarding the returnUrl.  I really appreciate your excellent support.  As soon as I can get this demo working, we will be purchasing.  


ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Let us know how you go or if you need any assistance. I've responded to your other forum post.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search