private void CreateSAMLResponse() { FormsIdentity id = null; if (HttpContext.Current.User != null) { if (HttpContext.Current.User.Identity.IsAuthenticated) { if (HttpContext.Current.User.Identity is FormsIdentity) { id = (FormsIdentity)HttpContext.Current.User.Identity; } } } DateTime notBefore = (id != null ? id.Ticket.IssueDate.ToUniversalTime() : DateTime.UtcNow); DateTime notOnOrAfter = (id != null ? id.Ticket.Expiration.ToUniversalTime() : DateTime.UtcNow.AddMinutes(30)); IDProvider config = IDProvider.GetConfig(); SAMLResponse.Status = new StatusType(); SAMLResponse.Status.StatusCode = new StatusCodeType(); SAMLResponse.Status.StatusCode.Value = SAMLUtility.StatusCodes.Success; AssertionType assert = new AssertionType(); assert.ID = SAMLUtility.GenerateID(); assert.IssueInstant = DateTime.UtcNow.AddMinutes(10); assert.Issuer = new NameIDType(); assert.Issuer.Value = config.id; SubjectConfirmationType subjectConfirmation = new SubjectConfirmationType(); subjectConfirmation.Method = "urn:oasis:names:tc:SAML:2.0:cm:bearer"; subjectConfirmation.SubjectConfirmationData = new SubjectConfirmationDataType(); subjectConfirmation.SubjectConfirmationData.Recipient = SAMLRequest.Issuer; subjectConfirmation.SubjectConfirmationData.InResponseTo = SAMLRequest.Request.ID; subjectConfirmation.SubjectConfirmationData.NotOnOrAfter = notOnOrAfter; NameIDType nameID = new NameIDType(); nameID.Format = SAMLUtility.NameIdentifierFormats.Transient; nameID.Value = (id != null ? id.Name : UtilBO.FormatNameFormsAuthentication(this.__SessionWEB.__UsuarioWEB.Usuario)); assert.Subject = new SubjectType(); assert.Subject.Items = new object[] { subjectConfirmation, nameID }; assert.Conditions = new ConditionsType(); assert.Conditions.NotBefore = notBefore; assert.Conditions.NotOnOrAfter = notOnOrAfter; assert.Conditions.NotBeforeSpecified = true; assert.Conditions.NotOnOrAfterSpecified = true; AudienceRestrictionType audienceRestriction = new AudienceRestrictionType(); audienceRestriction.Audience = new string[] { SAMLRequest.Issuer }; assert.Conditions.Items = new ConditionAbstractType[] { audienceRestriction }; AuthnStatementType authnStatement = new AuthnStatementType(); authnStatement.AuthnInstant = DateTime.UtcNow; authnStatement.SessionIndex = SAMLUtility.GenerateID(); authnStatement.AuthnContext = new AuthnContextType(); authnStatement.AuthnContext.Items = new object[] { "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" }; authnStatement.AuthnContext.ItemsElementName = new ItemsChoiceType5[] { ItemsChoiceType5.AuthnContextClassRef }; StatementAbstractType[] statementAbstract = new StatementAbstractType[] { authnStatement }; assert.Items = statementAbstract; SAMLResponse.Items = new object[] { assert }; string xmlResponse = SAMLUtility.SerializeToXmlString(SAMLResponse); XmlDocument doc = new XmlDocument(); doc.LoadXml(xmlResponse); XmlSignatureUtils.SignDocument(doc, assert.ID); SAMLResponse = SAMLUtility.DeserializeFromXmlString <ResponseType>(doc.InnerXml); HttpPostBinding binding = new HttpPostBinding(SAMLResponse, HttpUtility.UrlDecode(Request[HttpBindingConstants.RelayState])); binding.SendResponse(this.Context, HttpUtility.UrlDecode(SAMLRequest.AssertionConsumerServiceURL), SAMLTypeSSO.signon); }