ComponentSpace

Forums



SAML Session in web farm scenario and using redis distributed cache


SAML Session in web farm scenario and using redis distributed cache

Author
Message
karun
karun
New Member
New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)

Group: Forum Members
Posts: 5, Visits: 121
Hi,

We are using Asp .net 4.7.2 and component space SAML v3.5 for ASP .Net. We have our webforms based application deployed in a web farm environment (2 VMs with a load balancer). We are seeing Saml assertion handler is trying to verify -InResponseTo flag on the SP (Recieve SSO) call from IdP and failing on subsequent login requests. Referenced to this post:https://www.componentspace.com/Forums/1749/SAML-message-InResponseTo-doesnt-match and we are facing the same problem

I understand that we have to implement the DB session store and can overcome this based on your documentation. We are also using Redis distributed cache in our application. Can I use the Redis cache to store the SAML session for my application? I found reference for Redis cache in Component space documentation for .Net core applications but not  Asp.Net web forms based application... Please advise? Any references or examples would help us.

Thanks!
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Redis can also be used as a central repository of SAML session state information.

You need to implement the ISSOSessionStore interface by extending the AbstractSSOSessionStore class. These are under the ComponentSpace.SAML2.Data namespace. The Load, Save and Delete methods need to be implemented. There are Serialize and Deserialize helper methods for converting SAML session objects to and from byte arrays. The CreateSessionIDForType method returns a unique session key that may be used as the index when storing/retrieving SAML session data.

You register your implementation at application start-up by settings the SAMLController.SSOSessionStore property.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search