Forums, Documentation & Knowledge Base - ComponentSpace

Multiple IDP's in SAML configuration


https://componentspace.com/forums/Topic11603.aspx

By nishikantk - 6/7/2021

Hi,
I am a new user here and we have started implementing SSO for our organization.
We have Version 1:
 Here we implemented 1 IdP and 1 SP by referring to the ExampleIdentityProvider and ExampleServiceProvider. It's working now.

Now we have Version 2:
 Here we want to implement 2 different IdPs and 1 SP.
So my question is whether it's possible to set up two IdPs with 1 SP?

If possible, then please give me a clear idea of what exactly needs to be configured in appsettings.json for adding 2 IdPs and the code inside startup.cs - ConfigureSaml(). If any other code or configuration is required, then please also mention it; that would be beneficial for me. I am implementing this using ASP.NET Core.


Thanks in advance!

Regards,
Nishikant
By ComponentSpace - 6/10/2021

nishikantk - 6/10/2021
We are now facing a single logout issue.
When I click sign out from my SP, it calls InitiateSingleLogout() and
// Request logout at the identity provider.
    await _samlServiceProvider.InitiateSloAsync(relayState: returnUrl);
but in the middle, I don't know how, it calls ComponentSpace.Saml2.SamlIdentityProvider.ReceiveSsoAsync()
idp.Controllers.SamlController.SingleSignOnService() in SamlController.cs
    await _samlIdentityProvider.ReceiveSsoAsync();
and it throws an exception -
An unhandled exception occurred while processing the request.
SamlProtocolException: A SAML authn request was expected. Instead samlp:LogoutRequest was received.
ComponentSpace.Saml2.SamlIdentityProvider.ValidateAuthnRequest(XmlElement authnRequestElement)

Does anyone have ideas what is wrong with our SLO implementation?

In the configuration above you have:

"SingleLogoutServiceUrl": "https://localhost:44311/SAML/SingleSignOnService"

This should be:

"SingleLogoutServiceUrl": "https://localhost:44311/SAML/SingleLogoutService"
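
Added example (not part of the thread and not ComponentSpace code): a small Python check that compares an SP's configured `SingleLogoutServiceUrl` for a partner IdP against the endpoints that IdP publishes in its SAML metadata, which catches the mix-up above before a LogoutRequest is ever sent. The metadata document, the entity ID and the `Name` key are constructed for illustration; only the two localhost URLs come from the thread.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"

# Constructed IdP metadata for illustration (not from the thread).
IDP_METADATA = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://ExampleIdentityProvider">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://localhost:44311/SAML/SingleLogoutService"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://localhost:44311/SAML/SingleSignOnService"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""

# Partner IdP entry with the URL from the thread (broken) and the corrected one.
# The "Name" key and its value are assumptions made for this example.
BROKEN = {"Name": "https://ExampleIdentityProvider",
          "SingleLogoutServiceUrl": "https://localhost:44311/SAML/SingleSignOnService"}
FIXED = dict(BROKEN, SingleLogoutServiceUrl="https://localhost:44311/SAML/SingleLogoutService")

def endpoints(metadata_xml, element):
    """Return the Location of every <element> inside an IDPSSODescriptor."""
    root = ET.fromstring(metadata_xml)  # assumes a trusted, locally stored metadata file
    return {e.get("Location")
            for idp in root.iter(MD + "IDPSSODescriptor")
            for e in idp.findall(MD + element)}

def check_slo_url(partner, metadata_xml):
    """Return a list of problems with the partner's SingleLogoutServiceUrl."""
    slo = partner.get("SingleLogoutServiceUrl")
    if not slo:
        return []  # SLO is not configured for this partner; nothing to compare
    published_slo = endpoints(metadata_xml, "SingleLogoutService")
    published_sso = endpoints(metadata_xml, "SingleSignOnService")
    problems = []
    if slo not in published_slo:
        problems.append(f"{slo} is not a SingleLogoutService location in the IdP metadata")
    if slo in published_sso - published_slo:
        problems.append("it is the IdP's SingleSignOnService location, so a LogoutRequest "
                        "would arrive where an AuthnRequest is expected")
    return problems

if __name__ == "__main__":
    for label, partner in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, check_slo_url(partner, IDP_METADATA) or "OK")
```

The comparison is an exact string match, and an IdP that serves SSO and SLO from one URL will list it under both elements, in which case only the first check applies.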