/// <summary>
/// Authenticates a partner application from the HTTP Basic authorization header and,
/// on success, starts SAML SSO against the identity provider recorded for that application.
/// </summary>
/// <returns>
/// An <c>HttpUnauthorizedResult</c> when the header yields no name or no password, or when
/// no matching application document is found; otherwise an <c>EmptyResult</c>, returned
/// after <c>SAMLServiceProvider.InitiateSSO</c> has been handed the response.
/// </returns>
// NOTE(review): [RequireHttps] is disabled below, yet this action reads Basic credentials
// from the request header. Unless TLS is enforced elsewhere (reverse proxy, global filter),
// the application name and password can travel in cleartext. Confirm, or re-enable it.
//[RequireHttps]
public ActionResult Login()
{
    const string rejection = "Invalid username or password.";

    // Pull the calling application's credentials out of the Authorization header.
    string appName;
    string password;
    HttpBasicAuthentication.GetAuthorizationHeader(Request, out appName, out password);

    bool credentialsSupplied = !string.IsNullOrEmpty(appName) && !string.IsNullOrEmpty(password);
    if (!credentialsSupplied)
    {
        return new HttpUnauthorizedResult(rejection);
    }

    // NOTE(review): the lookup compares the stored Password field directly with the value
    // taken from the header, which implies the secret is stored in a directly comparable
    // form (apparently cleartext). Prefer a salted password hash verified after fetching
    // the document by name. Confirm against the ExternalAppDoc schema.
    var partnerApp = Database.FindUnique<ExternalAppDoc>(
        candidate => (candidate.Name == appName) && (candidate.Password == password));
    if (partnerApp == null)
    {
        // Same status and message as the missing-credentials case, so the response does
        // not distinguish an unknown application from a wrong password.
        return new HttpUnauthorizedResult(rejection);
    }

    // NOTE(review): if PartnerSSOData.PartnerApp is process-wide static state rather than
    // per-session storage, concurrent logins would overwrite each other. Verify.
    PartnerSSOData.PartnerApp = partnerApp;

    // Ask the application's IdP for the user's identity. InitiateSSO is given the response
    // object, and the action then returns an empty result.
    SAMLServiceProvider.InitiateSSO(Response, null, partnerApp.IdP);
    return new EmptyResult();
    //return RedirectToAction("Index", "Home");
}
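/// <summary>
/// Handles an authn request from an enhanced client or proxy (ECP) and answers it with a
/// SAML response carrying the user name and the attributes configured in app settings.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
/// <remarks>
/// SECURITY: the password read from the HTTP authorization header is never checked. As
/// written, a SAML response is sent for whatever user name the header (or the SubjectName
/// setting) supplies. This is sample behaviour only: authenticate the credentials against a
/// user registry and reject the request before calling <c>SendSSO</c>. Basic credentials
/// should also only be accepted over TLS.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    // Receive an authn request from an enhanced client or proxy (ECP).
    // NOTE(review): partnerSP is returned by ReceiveSSO but not used afterwards in this method.
    string partnerSP = null;
    SAMLIdentityProvider.ReceiveSSO(Request, out partnerSP);

    // The credentials are taken from the HTTP authorization header. No validation is
    // performed here; password is read and then ignored (see the remarks above).
    string userName = null;
    string password = null;
    HttpBasicAuthentication.GetAuthorizationHeader(Request, out userName, out password);

    // A configured subject name, when present, overrides the name from the header.
    string configuredSubject = WebConfigurationManager.AppSettings[AppSettings.SubjectName];
    if (!string.IsNullOrEmpty(configuredSubject))
    {
        userName = configuredSubject;
    }

    // Collect user attributes from settings whose key is "<prefix><separator><name>".
    string prefix = AppSettings.Attribute;
    IDictionary<string, string> attributes = new Dictionary<string, string>();

    foreach (string key in WebConfigurationManager.AppSettings.Keys)
    {
        // Ordinal comparison: setting keys are identifiers, not linguistic text.
        if (key == null || !key.StartsWith(prefix, StringComparison.Ordinal))
        {
            continue;
        }

        // The name starts one character past the prefix (the separator). A key that is just
        // the prefix would make Substring throw, and prefix plus separator alone would give
        // an empty attribute name, so both are skipped.
        if (key.Length <= prefix.Length + 1)
        {
            continue;
        }

        attributes[key.Substring(prefix.Length + 1)] = WebConfigurationManager.AppSettings[key];
    }

    // Respond to the authn request by sending a SAML response containing a SAML assertion to the SP.
    SAMLIdentityProvider.SendSSO(Response, userName, attributes);
}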