Home
Products
Downloads
Purchase
Support
Forums
About
Back
Forums, Documentation & Knowledge Base - ComponentSpace
Register
Login
ComponentSpace
Forums
Home
»
ComponentSpace Support Forums
»
Questions - SAML SSO for ASP.NET
»
Is there a way to know what the target url is at the Identity...
Is there a way to know what the target url is at the Identity provider?
Post Reply
Prev
1
2
3
Is there a way to know what the target url is at the Identity...
View
Options
Author
Message
btobias
btobias
Posted 6 Years Ago
#8734
New Member
Group: Forum Members
Posts: 6,
Visits: 25
+
x
ComponentSpace - 5/5/2018
Sorry, I misunderstood your question.
You can send the return URL as relay state when you call SAMLServiceProvider.InitiateSSO.
For example, in your login page:
var returnUrl = Request.QueryString["ReturnUrl"];
SAMLServiceProvider.InitiateSSO(Response, returnUrl, partnerIdP);
When you call SAMLServiceProvider.ReceiveSSO, the targetUrl output parameter should be set to the returnUrl parameter passed in as the relay state to SAMLServiceProvider.InitiateSSO.
You should check that the targetUrl is within your web application to avoid potential open redirect attacks.
Alternatively, you could store the returnUrl in your ASP.NET session or elsewhere rather than using relay state/target URL.
Nice. I am using Session to preserve the "ReturnURL". It works perfectly.
After logout, it redirect to ADFS login page, with query string SAML
https://adfs.pcci.edu/adfs/ls/?SAMLRequest=hZLLTsMwEEV%2FJfI%2Bz6bQWm2l0gpRqUBECws2aJJMqCXHDh6Hx9%2FjpFBg0bL0aO7cM3M9Iahlw%2Bet3ak7fGmRrLdaTtlTngxLrBLwxynEflpGI398Nqz8UYz5IMlTGAEy7wENCa2mLAki5q2IWlwpsqCsK0XxyI%2BGfnS%2BjVM%2BiPlgGETj5JF5S%2BciFNheubO2IR6GUFYUNEUhAizb%2FhVKCpl3qU2BPd%2BUVSAJO58MiMQrHiqZ0VYXWl4IVQr1PGWtUVwDCeIKaiRuC76ZX6%2B54%2BT5von41Xab%2BdntZsu8ORGaDmihFbU1mg2aV1Hg%2Fd36B9E67kCK3ID5OKByt2cah9308NiUAKh5Z957LRXx%2FuKnCZuvddhs0nXz%2FrDml%2F60HL4x2KxD%2F4d8Ev7y2Bs2%2FMYNXS0zLUXx0UVQgz3uGQdxXxGlX%2FWtvFXUYCEqgaW7rZT6bWEQrAvMmtblFc72rn9%2F3uwT&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VddFSGRMyqbm5j2vW9DGvDlDr%2FaKFFY0%2B9DrZlfcTSrMqS0AQAPKE%2BE3HOU1cMWLZzuuldfoPwizQePl1z%2FNJx5%2B93qNKP1o0JawQChZUt9OlhPc%2BwZQJQ70AI4XHgyQo1GMqKZuQICz%2FJwzWbWcCwf%2FrTy2htRau5k4e0xYQI2T%2FW19cABFVwxyd8viwggp0LVtBdALDZXVc%2FpjXgyoiMBaX5ZfkjFyhvhxSkhFoG8pURrtnkS0PsGLPhvgVtH1m2ZBu6NdgfbK8TF9o16icoinp4TN4r8I21WM1u%2BmLprknLYZ1m1nvZieSxEl%2B8FyYxgdvaKTKLhBoI6nwI1Pfw%3D%3D
With username/password there, it is possible for the user to login again and expecting to redirect to previous page on Service Provider (the page where user click "Logout", it can be anywhere on the website). but, it is not the case. the SAMLRequest is the logout request and it will hit SLOService.aspx first. Is there any way to prevent this?
Reply
ComponentSpace
ComponentSpace
Posted 6 Years Ago
#8735
ComponentSpace Development
Group: Administrators
Posts: 3.2K,
Visits: 11K
No. ADFS will send the logout response to the configured logout service URL (ie SLOService.aspx).
Your application could then redirect the user to whichever page you like using the ReturnURL saved in the session.
Regards
ComponentSpace Development
Reply
btobias
btobias
Posted 6 Years Ago
#8737
New Member
Group: Forum Members
Posts: 6,
Visits: 25
+
x
ComponentSpace - 5/7/2018
No. ADFS will send the logout response to the configured logout service URL (ie SLOService.aspx).
Your application could then redirect the user to whichever page you like using the ReturnURL saved in the session.
Super. Thanks for the clarification.
Reply
ComponentSpace
ComponentSpace
Posted 6 Years Ago
#8739
ComponentSpace Development
Group: Administrators
Posts: 3.2K,
Visits: 11K
You're welcome.
Regards
ComponentSpace Development
Reply
GO
Post Reply
Prev
1
2
3
Similar Topics
Post Quoted Reply
Login
Existing Account
Email Address:
Password:
Reset Your Password
Remember Me
Select a Forum....
ComponentSpace Support Forums
Questions - SAML SSO for ASP.NET
Questions - SAML SSO for ASP.NET Core
Questions - OpenID for ASP.NET Core
ComponentSpace Documentation
Announcements
Documentation - SAML SSO for ASP.NET
Documentation - SAML SSO for ASP.NET Core
Documentation - OpenID for ASP.NET Core
ComponentSpace Knowledge Bases
Knowledge Base - SAML SSO for ASP.NET
Knowledge Base - SAML SSO for ASP.NET Core
Knowledge Base - OpenID for ASP.NET Core
Explore
Home
Latest
Popular
Search
Tags
Forums
ComponentSpace Support Forums
Questions - SAML SSO for ASP.NET
Questions - SAML SSO for ASP.NET Core
Questions - OpenID for ASP.NET Core
ComponentSpace Documentation
Announcements
Documentation - SAML SSO for ASP.NET
Documentation - SAML SSO for ASP.NET Core
Documentation - OpenID for ASP.NET Core
ComponentSpace Knowledge Bases
Knowledge Base - SAML SSO for ASP.NET
Knowledge Base - SAML SSO for ASP.NET Core
Knowledge Base - OpenID for ASP.NET Core
Forums, Documentation & Knowledge Base - ComponentSpace
Login
Register
Search
Flat Ascending
Flat Descending
Threaded
Subscribe to topic
Print This Topic
Goto Topics Forum
Jump To Page
Jump To Page