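/// <summary>
/// Processes a SAML response: checks its status, takes the first assertion,
/// enforces single use of that assertion, signs the asserted user in with a
/// forms-authentication cookie and redirects to the relay state URL.
/// </summary>
/// <param name="samlResponse">The SAML response received from the identity provider.</param>
/// <param name="relayState">
/// The relay state that accompanied the response. It is used as the redirect
/// target only when it is a site-local URL; otherwise the configured
/// <c>FormsAuthentication.DefaultUrl</c> is used.
/// </param>
/// <exception cref="ArgumentException">
/// The response is not a success response, carries no assertion, the assertion
/// has already been used, or the assertion has no usable subject name identifier.
/// </exception>
private void ProcessSAMLResponse(SAMLResponse samlResponse, string relayState)
{
    Trace.Write("SP", "Processing SAML response");

    // NOTE(review): nothing in this method verifies the signature, issuer,
    // audience restriction or validity window of the response or assertion.
    // Confirm the caller has done so before the identity below is trusted.

    // Check whether the SAML response indicates success.
    if (!samlResponse.IsSuccess())
    {
        throw new ArgumentException("Received error response");
    }

    // Extract the asserted identity from the SAML response.
    if (samlResponse.GetAssertions().Count <= 0)
    {
        throw new ArgumentException("No assertions in response");
    }

    SAMLAssertion samlAssertion = samlResponse.GetAssertions()[0];

    // Enforce single use of the SAML assertion (replay protection).
    if (!AssertionIDCache.Add(samlAssertion))
    {
        throw new ArgumentException("The SAML assertion has already been used");
    }

    // Get the subject name identifier. A missing subject or an empty name is
    // rejected with the same error, so no cookie is ever issued for a
    // null or empty identity.
    if (samlAssertion.Subject == null || samlAssertion.Subject.NameID == null)
    {
        throw new ArgumentException("No name in subject");
    }

    string userName = samlAssertion.Subject.NameID.NameIdentifier;

    if (string.IsNullOrEmpty(userName))
    {
        throw new ArgumentException("No name in subject");
    }

    // Create a login context for the asserted identity.
    FormsAuthentication.SetAuthCookie(userName, false);

    // Redirect to the requested URL. The relay state arrives with the SAML
    // message and is not covered by the checks above, so it is treated as
    // untrusted: only site-local targets are followed, which prevents the
    // login flow from being used as an open redirect.
    string redirectUrl = relayState;

    if (!IsLocalRelayState(relayState))
    {
        Trace.Write("SP", "Relay state is not a local URL; redirecting to the default URL");
        redirectUrl = FormsAuthentication.DefaultUrl;
    }

    Response.Redirect(redirectUrl, false);

    Trace.Write("SP", "Processed successful SAML response");
}

/// <summary>
/// Returns true when <paramref name="url"/> is a rooted ("/path") or
/// application-relative ("~/path") URL that cannot resolve to another host.
/// </summary>
private static bool IsLocalRelayState(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return false;
    }

    // Control characters (CR, LF, tab, ...) have no place in a redirect target.
    foreach (char c in url)
    {
        if (char.IsControl(c))
        {
            return false;
        }
    }

    // "/path" is local; "//host" and "/\host" are treated by browsers as
    // references to another host and are rejected.
    if (url[0] == '/')
    {
        return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
    }

    // "~/path" is application-relative; apply the same rule after the prefix.
    if (url[0] == '~' && url.Length > 1 && url[1] == '/')
    {
        return url.Length == 2 || (url[2] != '/' && url[2] != '\\');
    }

    return false;
}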
/// <summary>
/// Receives the SAML response that the identity provider returned for the
/// service provider's authentication request and hands it to the success
/// or error handler according to its status.
/// </summary>
private void ProcessSAMLResponse()
{
    // Receive the SAML response together with its relay state.
    SAMLResponse receivedResponse;
    string receivedRelayState;
    ReceiveSAMLResponse(out receivedResponse, out receivedRelayState);

    // An error status goes to the error handler; the relay state is not used on that path.
    if (!receivedResponse.IsSuccess())
    {
        ProcessErrorSAMLResponse(receivedResponse);
        return;
    }

    ProcessSuccessSAMLResponse(receivedResponse, receivedRelayState);
}