// Demonstrates loading configuration programmatically by calling the SAML configuration API.
// Alternatively, configuration may be loaded programmatically by implementing the
// ISAMLConfigurationResolver interface. Either approach may be used if you wish to store
// configuration in a custom database, for example.
// If not configured programmatically, configuration is loaded automatically from the
// saml.config file in the application's directory.
//
// The method builds one configuration holding the local service provider and a single
// partner identity provider, then assigns it to SAMLController.Configuration.
private static void LoadSAMLConfigurationProgrammatically()
{
    SAMLConfiguration samlConfiguration = new SAMLConfiguration()
    {
        LocalServiceProviderConfiguration = new LocalServiceProviderConfiguration()
        {
            Name = "http://ExampleServiceProvider",
            AssertionConsumerServiceUrl = "~/SAML/AssertionConsumerService.aspx",
            LocalCertificateFile = @"certificates\sp.pfx",
            // The listing shows the .pfx password masked. NOTE(review): a real password should
            // come from protected configuration or a secret store, not a source literal.
            LocalCertificatePassword = "******"
        }
    };

    samlConfiguration.AddPartnerIdentityProvider(
        new PartnerIdentityProviderConfiguration()
        {
            Name = "http://ExampleIdentityProvider",
            // Authentication requests sent to this identity provider are signed.
            SignAuthnRequest = true,
            // NOTE(review): the listing masked part of the next line, swallowing the end of the
            // URL and the name of the property that receives the certificate path. As shown it
            // does not compile; restore it from the original sample before use.
            SingleSignOnServiceUrl = "http://*****:*****@"certificates\idp.cer"
        });

    // Make this the configuration used by SAMLController.
    SAMLController.Configuration = samlConfiguration;
}
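/// <summary>
/// Registers every identity provider returned by the repository as a partner identity
/// provider on the supplied SAML configuration, tracing what was loaded.
/// </summary>
/// <param name="samlConfiguration">Configuration that receives the partner identity providers.</param>
/// <param name="repository">Source of the registered identity providers.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="samlConfiguration"/> or <paramref name="repository"/> is null.
/// </exception>
private static void ConfigureIdentityProvidersUsingRepository(
    SAMLConfiguration samlConfiguration,
    SamlIdentityProvidersRepository repository)
{
    if (samlConfiguration == null)
    {
        throw new System.ArgumentNullException(nameof(samlConfiguration));
    }

    if (repository == null)
    {
        throw new System.ArgumentNullException(nameof(repository));
    }

    SamlPocTraceListener.Log("SAML", "SamlConfigurationManager.ConfigureIdentityProvidersUsingRepository: Loading Identity Providers");

    // Materialize once: the result is counted, serialized and iterated below, and a lazily
    // evaluated sequence would otherwise hit the repository three times and could return a
    // different set on each pass (so the log would not match what was registered).
    var providers = repository.GetRegisteredIdentityProviders().ToList();
    SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.ConfigureIdentityProvidersUsingRepository: {providers.Count} Identity Providers loaded:");

    // NOTE(review): the complete provider records are written to the trace log. Confirm the
    // serialized type carries no secrets and that access to the trace output is restricted.
    var providersConfig = Utils.SerializeToJson(providers);
    SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.ConfigureIdentityProvidersUsingRepository: Identity Providers configuration:\r\n{providersConfig}");

    foreach (var provider in providers)
    {
        // NOTE(review): the URLs, certificate file and signing flags are taken from the
        // repository as-is. Whoever can write to that store decides which identity providers
        // are trusted, so it needs the same protection as saml.config; consider rejecting
        // non-https endpoints for production tenants.
        samlConfiguration.AddPartnerIdentityProvider(
            new PartnerIdentityProviderConfiguration()
            {
                Name = provider.Name,
                Description = provider.Description,
                SignAuthnRequest = provider.SignAuthnRequest,
                SingleSignOnServiceUrl = provider.SingleSignOnUrl,
                SingleLogoutServiceUrl = provider.SingleLogoutUrl,
                PartnerCertificateFile = provider.CertificateFile,
                // NOTE(review): presumably this makes the library verify signatures with the
                // certificate carried inside the message. If so, a valid signature shows
                // integrity but not origin. Confirm against the library documentation before
                // enabling it for a provider.
                UseEmbeddedCertificate = provider.UseEmbeddedCertificate,
                // Logout is disabled in both directions when the provider has no single logout.
                DisableInboundLogout = !provider.SingleLogoutSupported,
                DisableOutboundLogout = !provider.SingleLogoutSupported
            });
    }
}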
// Demonstrates building the SAML configuration in code, which is useful when the settings
// live in a custom database, for example. When nothing is set programmatically, the
// configuration is loaded automatically from the saml.config file in the application's directory.
private static void LoadSAMLConfigurationProgrammatically()
{
    var programmaticConfiguration = new SAMLConfiguration
    {
        ServiceProviderConfiguration = new ServiceProviderConfiguration
        {
            Name = "urn:componentspace:ExampleServiceProvider",
            AssertionConsumerServiceUrl = "~/SAML/AssertionConsumerService.aspx",
            CertificateFile = "sp.pfx",
            // Shown masked in the listing. NOTE(review): keep a real .pfx password out of
            // source and read it from protected configuration instead.
            CertificatePassword = "******"
        }
    };

    // Only the signature on the SAML response is required here. Authn requests are sent
    // unsigned, and signed or encrypted assertions are not demanded.
    // NOTE(review): both endpoints are plain http on localhost, which suits a local demo;
    // with assertion encryption off, a deployed setup should use https endpoints.
    var exampleIdentityProvider = new PartnerIdentityProviderConfiguration
    {
        Name = "urn:componentspace:ExampleIdentityProvider",
        SignAuthnRequest = false,
        WantSAMLResponseSigned = true,
        WantAssertionSigned = false,
        WantAssertionEncrypted = false,
        SingleSignOnServiceUrl = "http://localhost/ExampleIdentityProvider/SAML/SSOService.aspx",
        SingleLogoutServiceUrl = "http://localhost/ExampleIdentityProvider/SAML/SLOService.aspx",
        CertificateFile = "idp.cer"
    };
    programmaticConfiguration.AddPartnerIdentityProvider(exampleIdentityProvider);

    // Install the finished configuration as the current one.
    SAMLConfiguration.Current = programmaticConfiguration;
}
// Shows how to supply the SAML configuration from code instead of the saml.config file that
// is otherwise loaded automatically from the application's directory. This is the route to
// take when configuration is kept in a custom database, for example.
private static void LoadSAMLConfigurationProgrammatically()
{
    var configuration = new SAMLConfiguration();

    // Local service provider: its name, assertion consumer endpoint and key material.
    var serviceProvider = new ServiceProviderConfiguration
    {
        Name = "urn:componentspace:ExampleServiceProvider",
        AssertionConsumerServiceUrl = "~/SAML/AssertionConsumerService.aspx",
        CertificateFile = "sp.pfx",
        // The listing masks this value. NOTE(review): a real certificate password belongs in
        // protected configuration or a secret store, not in a source literal.
        CertificatePassword = "******"
    };
    configuration.ServiceProviderConfiguration = serviceProvider;

    // Partner identity provider. A signed SAML response is required; request signing,
    // assertion signing and assertion encryption are all switched off.
    // NOTE(review): the SSO and SLO URLs are http on localhost. Outside a local demo, use
    // https, since the assertion is not encrypted at the message level here.
    var identityProvider = new PartnerIdentityProviderConfiguration
    {
        Name = "urn:componentspace:ExampleIdentityProvider",
        SignAuthnRequest = false,
        WantSAMLResponseSigned = true,
        WantAssertionSigned = false,
        WantAssertionEncrypted = false,
        SingleSignOnServiceUrl = "http://localhost/ExampleIdentityProvider/SAML/SSOService.aspx",
        SingleLogoutServiceUrl = "http://localhost/ExampleIdentityProvider/SAML/SLOService.aspx",
        CertificateFile = "idp.cer"
    };
    configuration.AddPartnerIdentityProvider(identityProvider);

    SAMLConfiguration.Current = configuration;
}
/// <summary>
/// Adds three fixed partner identity providers (Cone, Shibboleth and Kentor) to the
/// supplied SAML configuration, in that order.
/// </summary>
/// <param name="samlConfiguration">Configuration that receives the partner identity providers.</param>
private static void ConfigureIdentityProvidersUsingHardcodedConfiguration(SAMLConfiguration samlConfiguration)
{
    // NOTE(review): the Cone and Kentor endpoints are plain http; fine for a lab, but use
    // https for anything that carries real sign-on traffic.
    var coneIdentityProvider = new PartnerIdentityProviderConfiguration
    {
        Name = "http://cone-idp",
        Description = "Cone Identity Provider",
        SignAuthnRequest = true,
        SingleSignOnServiceUrl = "http://cone-idp/SAML/SSOService",
        SingleLogoutServiceUrl = "http://cone-idp/SAML/SLOService",
        PartnerCertificateFile = "Certificates\\idp.cer"
    };
    samlConfiguration.AddPartnerIdentityProvider(coneIdentityProvider);

    // No logout URL is configured for Shibboleth, and logout is disabled in both directions.
    // NOTE(review): this entry points at the same Certificates\idp.cer file as the Cone
    // entry. Confirm the two providers really share a signing certificate.
    var shibbolethIdentityProvider = new PartnerIdentityProviderConfiguration
    {
        Name = "https://shib-idp/",
        Description = "Shibboleth Identity Provider",
        SignAuthnRequest = true,
        SingleSignOnServiceUrl = "https://shib-idp/SAML/SSOService.aspx?binding=redirect",
        PartnerCertificateFile = "Certificates\\idp.cer",
        DisableInboundLogout = true,
        DisableOutboundLogout = true
    };
    samlConfiguration.AddPartnerIdentityProvider(shibbolethIdentityProvider);

    // No certificate file is configured for Kentor; UseEmbeddedCertificate is set instead.
    // NOTE(review): presumably signatures are then checked against the certificate embedded
    // in the message itself, which shows integrity but not origin. Confirm against the
    // library documentation.
    var kentorIdentityProvider = new PartnerIdentityProviderConfiguration
    {
        Name = "http://kentor-idp/Metadata",
        Description = "Kentor Identity Provider",
        SignAuthnRequest = true,
        SingleSignOnServiceUrl = "http://kentor-idp/",
        SingleLogoutServiceUrl = "http://kentor-idp/Logout",
        UseEmbeddedCertificate = true
    };
    samlConfiguration.AddPartnerIdentityProvider(kentorIdentityProvider);
}
// Demonstrates loading multi-tenanted configuration programmatically by calling the SAML
// configuration API. Alternatively, configuration is loaded automatically from the
// multi-tenanted saml.config file in the application's directory.
//
// Two configurations are built, with IDs "tenant1" and "tenant2". Each holds its own local
// service provider and one partner identity provider. The set is then assigned to
// SAMLController.Configurations.
private static void LoadMultiTenantedSAMLConfigurationProgrammatically()
{
    SAMLConfigurations samlConfigurations = new SAMLConfigurations();

    // ---- tenant1 ----
    SAMLConfiguration samlConfiguration = new SAMLConfiguration()
    {
        ID = "tenant1",
        LocalServiceProviderConfiguration = new LocalServiceProviderConfiguration()
        {
            Name = "http://ExampleServiceProvider",
            AssertionConsumerServiceUrl = "~/SAML/AssertionConsumerService.aspx",
            LocalCertificates = new List <CertificateConfiguration>()
            {
                new CertificateConfiguration()
                {
                    FileName = @"certificates\sp.pfx",
                    // Shown masked in the listing. NOTE(review): load a real .pfx password
                    // from protected configuration rather than a source literal.
                    Password = "******"
                }
            }
        }
    };

    samlConfiguration.AddPartnerIdentityProvider(
        new PartnerIdentityProviderConfiguration()
        {
            Name = "http://ExampleIdentityProvider",
            SignAuthnRequest = true,
            // NOTE(review): the listing masked part of the next line, swallowing the end of
            // the URL and the opening of the certificate list that the trailing braces close.
            // As shown it does not compile; restore it from the original sample before use.
            SingleSignOnServiceUrl = "http://*****:*****@"certificates\idp.cer", } }
        });

    samlConfigurations.AddConfiguration(samlConfiguration);

    // ---- tenant2 ----
    // The local variable is reused; tenant1's configuration was already added above.
    samlConfiguration = new SAMLConfiguration()
    {
        ID = "tenant2",
        LocalServiceProviderConfiguration = new LocalServiceProviderConfiguration()
        {
            Name = "http://ExampleServiceProvider2",
            // Same assertion consumer path as tenant1. How a request is mapped to a tenant
            // is not shown in this method.
            AssertionConsumerServiceUrl = "~/SAML/AssertionConsumerService.aspx",
            LocalCertificates = new List <CertificateConfiguration>()
            {
                new CertificateConfiguration()
                {
                    // tenant2 uses its own key file (sp2.pfx), separate from tenant1's.
                    FileName = @"certificates\sp2.pfx",
                    Password = "******"
                }
            }
        }
    };

    samlConfiguration.AddPartnerIdentityProvider(
        new PartnerIdentityProviderConfiguration()
        {
            Name = "http://ExampleIdentityProvider2",
            SignAuthnRequest = true,
            // NOTE(review): masked in the listing in the same way as the tenant1 entry;
            // restore from the original sample.
            SingleSignOnServiceUrl = "http://*****:*****@"certificates\idp2.cer", } }
        });

    samlConfigurations.AddConfiguration(samlConfiguration);

    // Make the tenant set the one used by SAMLController.
    SAMLController.Configurations = samlConfigurations;
}