ComponentSpace

Forums



samlResponse Response in ComponentSpace


samlResponse Response in ComponentSpace

Author
Message
Dinesh92d
Dinesh92d
New Member
New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)

Group: Forum Members
Posts: 4, Visits: 65
How To Get Response in ComponentSpace ? . I Am Using  Request["SAMLResponse"]; for mvc C# FormCollection . And I am not Assigned to samlResponse . What Will Do for Assigned Data?

  SAMLResponse samlResponse = new SAMLResponse();
   string rawSamlData = Request["SAMLResponse"];
   samlResponse =rawSamlData ;

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
I think you're working at too low a level.
You don't need to access the HTTP request or response.
You also don't need to construct SAMLResponse objects which are part of our SAML low-level API.
All these details are handled for you when you use the SAML high-level API which is what we recommend.
I suggest taking a look at the MvcExampleIdentityProvider and MvcExampleServiceProvider projects which are under the Examples\SSO\HighLevelAPI\MVC folder. These are described in section 10.2 of our Developer Guide PDF.
If you're acting as the IdP, you make a single API call (SAMLIdentityProvider.InitiateSSO) to create a SAML response containing a SAML assertion, sign it, encode it and send it to the SP.
If you're acting as the SP, you make a single API call (SAMLServiceProvider.ReceiveSSO) to receive the SAML response, decode it, verify the signature, and extract useful information from the SAML assertion.

Regards
ComponentSpace Development
Chandresh Sanghavi
Chandresh Sanghavi
New Member
New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)

Group: Forum Members
Posts: 13, Visits: 63
ComponentSpace - 2/8/2018
I think you're working at too low a level.
You don't need to access the HTTP request or response.
You also don't need to construct SAMLResponse objects which are part of our SAML low-level API.
All these details are handled for you when you use the SAML high-level API which is what we recommend.
I suggest taking a look at the MvcExampleIdentityProvider and MvcExampleServiceProvider projects which are under the Examples\SSO\HighLevelAPI\MVC folder. These are described in section 10.2 of our Developer Guide PDF.
If you're acting as the IdP, you make a single API call (SAMLIdentityProvider.InitiateSSO) to create a SAML response containing a SAML assertion, sign it, encode it and send it to the SP.
If you're acting as the SP, you make a single API call (SAMLServiceProvider.ReceiveSSO) to receive the SAML response, decode it, verify the signature, and extract useful information from the SAML assertion.



Chandresh Sanghavi
Chandresh Sanghavi
New Member
New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)

Group: Forum Members
Posts: 13, Visits: 63
ComponentSpace - 2/8/2018
I think you're working at too low a level.
You don't need to access the HTTP request or response.
You also don't need to construct SAMLResponse objects which are part of our SAML low-level API.
All these details are handled for you when you use the SAML high-level API which is what we recommend.
I suggest taking a look at the MvcExampleIdentityProvider and MvcExampleServiceProvider projects which are under the Examples\SSO\HighLevelAPI\MVC folder. These are described in section 10.2 of our Developer Guide PDF.
If you're acting as the IdP, you make a single API call (SAMLIdentityProvider.InitiateSSO) to create a SAML response containing a SAML assertion, sign it, encode it and send it to the SP.
If you're acting as the SP, you make a single API call (SAMLServiceProvider.ReceiveSSO) to receive the SAML response, decode it, verify the signature, and extract useful information from the SAML assertion.

Hello,

I am getting error while calling InitiateSSO while implementing IDP-Initiated SSO. 
        Error -  A signing key is required to generate an XML signature.'

My Call to InitiateSSO is like this
SAMLIdentityProvider.InitiateSSO(
           Response,
           "USER_NAME_GOES_HERE",
           new Dictionary<string, string>() {
           { "UserEmail", "USER_EMAIL_GOES_HERE" },
           { "membership-number", "12345678" } },
           "ASSERTION_CONSUMER_SERVICE_GOES_HERE",
           "NAME_PARTNER_SERVICE_PROVIDER_GOES_HERE");

Here is what I am doing:
I am working on IDP Initiated SSO and trying to use code similar to the one in MvcExampleIdentityProvider. First, I Configured Local Identity Provider and One Partner Service Provider and Setup the SAMLConfiguration on fly (instead of using saml.config). I am also not using the cer/pfx file and use ICertificationManager. I implemented all the virtual functions for interface ICertificationManager.. One of the function is implemented as below:

public IList<X509Certificate2> GetLocalIdentityProviderSignatureCertificates(string configurationID, string partnerServiceProviderName)
   {
        if (partnerServiceProviderName == "PARTNER_SERVICE_PROVIDER_NAME")
       {
             // the String used below is straight out from idp.cer by of MvcExampleIdentityProvider project. (I opened the idp.cer and copy pasted the string excluding BEGIN/END CERTIFICATE)
              byte[] cer = Encoding.ASCII.GetBytes("MIIDAT...");
              return new List<X509Certificate2>()
             {
                   new X509Certificate2(cer, "", X509KeyStorageFlags.MachineKeySet)
             };
       }
              throw new NotImplementedException();
   }

Not sure where I need to do to fix this error. I have successfully tested the HightLevelAPI MVC projects and the same call InitiateSSO in MvcExampleIdentityProvider works fine.

Thanks
Chandresh
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Hi Chandresh
The XML signature is generated using your private key.
In your GetLocalIdentityProviderSignatureCertificates, please ensure X509Certificate2.HasPrivateKey is true.




Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 1 query. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search