I am doing web SSO integration (IDP initiated flow) for our web app (a CRM portal) in which users log in with AD credentials and access resources on a Service Provider (SP) by passing in our customer details. Our server is on Windows 2012 R2 (ADFS 3.0). Can I have the SP post the SAML request to a Web API (4.6, C#), create the SAML 2.0 Response using third-party assemblies (ComponentSpace), and send it to the SP after digitally signing and encrypting the assertion, rather than relying on ADFS 3.0 to generate the SAML 2.0 Response? Our SP wants some custom attributes added to the SAML response, and the claim info resides in a SQL Server database. Do you see any security problem with generating the SAML response manually (inside the Web API) rather than relying on ADFS 3.0? The reasoning behind manually creating the SAML response is that working with ADFS 3.0 is complex and our support team is too busy to look at our support tickets.
Creating SAML 2.0 Response with C# and .NET 4.5 in IDP Initiated web SSO
3.3k views Asked by dotnetdev_2009 At
1
There are 1 answers
After getting in touch with ComponentSpace support, it turns out that I don't have to use ADFS to create the SAML response. All I have to do is get the claim details from the SQL Server database and pass them on to their SAMLIdentityProvider.InitiateSSO(), as described on their forum.
Update: Use of the ComponentSpace library was not an option because of the organizational delays associated with getting the approval, and I ended up creating the SAML response manually thanks to this GitHub repo.
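
For readers taking the manual route, here is an added sketch (not the asker's code, the linked repository's code, or ComponentSpace's API) of an IdP-initiated assertion carrying custom attributes and signed with the framework's own `SignedXml`, showing the fields that decide whether a hand-built assertion is safe: a fresh ID, a short validity window, an audience restriction, a bound recipient, and an RSA-SHA256 enveloped signature. It covers only the signed assertion (the enclosing Response and the encryption step are out of scope), and the class, method and parameter names are hypothetical. It assumes .NET Framework 4.6.2 or later, where the SHA-256 constants are available.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

public static class IdpInitiatedAssertion
{
    const string Ns = "urn:oasis:names:tc:SAML:2.0:assertion";
    static XmlElement Add(XmlNode parent, string name, string text = null, params string[] attrs)
    {
        var e = (XmlElement)parent.AppendChild((parent as XmlDocument ?? parent.OwnerDocument).CreateElement("saml", name, Ns));
        if (text != null) e.InnerText = text;   // InnerText XML-escapes values read from the database
        for (int i = 0; i + 1 < attrs.Length; i += 2) e.SetAttribute(attrs[i], attrs[i + 1]);
        return e;
    }
    // All parameters are hypothetical values agreed with the SP; attributes come from the claims store.
    public static XmlElement Build(string issuer, string acsUrl, string audience, string nameId,
        IDictionary<string, string> attributes, X509Certificate2 cert)
    {
        var doc = new XmlDocument { PreserveWhitespace = true };
        string id = "_" + Guid.NewGuid().ToString("N");   // fresh ID so the SP can reject replays
        string now = XmlConvert.ToString(DateTime.UtcNow, XmlDateTimeSerializationMode.Utc);
        string expiry = XmlConvert.ToString(DateTime.UtcNow.AddMinutes(5), XmlDateTimeSerializationMode.Utc);
        var a = Add(doc, "Assertion", null, "ID", id, "Version", "2.0", "IssueInstant", now);
        var issuerEl = Add(a, "Issuer", issuer);
        var subject = Add(a, "Subject");
        Add(subject, "NameID", nameId);
        var conf = Add(subject, "SubjectConfirmation", null, "Method", "urn:oasis:names:tc:SAML:2.0:cm:bearer");
        // No InResponseTo: an IdP-initiated response is unsolicited, so Recipient and expiry carry the binding.
        Add(conf, "SubjectConfirmationData", null, "Recipient", acsUrl, "NotOnOrAfter", expiry);
        var cond = Add(a, "Conditions", null, "NotBefore", now, "NotOnOrAfter", expiry);
        Add(Add(cond, "AudienceRestriction"), "Audience", audience);   // limits the assertion to one SP
        var authn = Add(a, "AuthnStatement", null, "AuthnInstant", now);
        Add(Add(authn, "AuthnContext"), "AuthnContextClassRef", "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified");
        var stmt = Add(a, "AttributeStatement");
        foreach (var kv in attributes) Add(Add(stmt, "Attribute", null, "Name", kv.Key), "AttributeValue", kv.Value);
        var sx = new SignedXml(a) { SigningKey = cert.GetRSAPrivateKey() };
        sx.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
        sx.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256Url;
        var r = new Reference("#" + id) { DigestMethod = SignedXml.XmlDsigSHA256Url };
        r.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        r.AddTransform(new XmlDsigExcC14NTransform());
        sx.AddReference(r);   // the reference covers the whole assertion by its ID
        sx.KeyInfo = new KeyInfo(); sx.KeyInfo.AddClause(new KeyInfoX509Data(cert));
        sx.ComputeSignature();
        a.InsertAfter(doc.ImportNode(sx.GetXml(), true), issuerEl);   // schema order: Signature follows Issuer
        return a;
    }
}
```

The signing certificate's private key should be loaded from a protected certificate store, and the element must not be re-serialized with different whitespace after `ComputeSignature()`, or the digest will no longer match.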