Hi All, I am trying to create a SAML request to get data from IdP server using ComponentSpace library. As per IdP documentation we need to follow below process. I appreciate your help.
1) Login to IdP server using browser with username and password.
2) It will authenticate and redirect to our server with two value SAMLart and RelayState.
3) Now use IdP SOAP end point URL to connect IdP server and send SAML request to retrieve further information. It will require SAMLart and RelayState in SAML request. SMAL request need to send to CorpPass via the Internet OOB channel as a SOAP message.
What you describe is the HTTP-Artifact binding.
This binding isn’t commonly used.
Typically the IdP sends the SAML response using HTTP-Post.
Does the IdP support HTTP-Post or must you use HTTP-Artifact?
[quote]
[/quote]
As per there document they written below:-
For Internet OOB
SOAP/HTTP Artifact (Artifact from Artifact Resolution profile)
SAML Message: SAML element.
I am not sure if it also support HTTP-Post or only HTTP-Artifact binding
We support HTTP-Artifact but it requires using the SAML low-level API.
HTTP-Post is supported through the high-level API.
We haven’t added HTTP-Artifact support to the high-level API as it’s so infrequently used.
The SAML2ServiceProvider project under the Examples\SSO\LowLevelAPI\SP-Initiated folder demonstrates all the bindings including HTTP-Artifact.
The SAML/AssertionConsumerService.aspx page calls ServiceProvider.ReceiveArtifactByHTTPArtifact to receive the artifact.
It then calls ArtifactResolver.SendRequestReceiveResponse to send an artifact resolve message over SOAP and receive the SAML response.
If you must use HTTP-Artifact, your code would make the same low-level API calls.
However, I suggest contacting the IdP to see if they support HTTP-Post.
[quote][/quote]
We support HTTP-Artifact but it requires using the SAML low-level API.
HTTP-Post is supported through the high-level API.
We haven't added HTTP-Artifact support to the high-level API as it's so infrequently used.
The SAML2ServiceProvider project under the Examples\SSO\LowLevelAPI\SP-Initiated folder demonstrates all the bindings including HTTP-Artifact.
The SAML/AssertionConsumerService.aspx page calls ServiceProvider.ReceiveArtifactByHTTPArtifact to receive the artifact.
It then calls ArtifactResolver.SendRequestReceiveResponse to send an artifact resolve message over SOAP and receive the SAML response.
If you must use HTTP-Artifact, your code would make the same low-level API calls.
However, I suggest contacting the IdP to see if they support HTTP-Post.
HTTP-Post is supported through the high-level API.
We haven't added HTTP-Artifact support to the high-level API as it's so infrequently used.
The SAML2ServiceProvider project under the Examples\SSO\LowLevelAPI\SP-Initiated folder demonstrates all the bindings including HTTP-Artifact.
The SAML/AssertionConsumerService.aspx page calls ServiceProvider.ReceiveArtifactByHTTPArtifact to receive the artifact.
It then calls ArtifactResolver.SendRequestReceiveResponse to send an artifact resolve message over SOAP and receive the SAML response.
If you must use HTTP-Artifact, your code would make the same low-level API calls.
However, I suggest contacting the IdP to see if they support HTTP-Post.
Ok Thanks reply, i will ask from IdP. In case they support the HTTP-Post then which method i need to follow up. Also is there any way i can get all cert based on domain name instead providing cert file location or adding files in our code
If they support HTTP-Post I suggest taking a look at the ExampleServiceProvider project in the Examples\SSO\HighLevelAPI\WebForms folder.
The SAML/AssertionConsmerService.aspx page calls SAMLServiceProvider.ReceiveSSO to receive and process the SAML response.
This project is described in section 10.1 of our Developer Guide PDF which is in the Documentation folder.
You could implement ComponentSpace.SAML2.Certificates.ICertificateManager for custom certificate management.
However, it’s easier to just use the default certificate management and have the certificate loaded from the file system, the Windows certificate store or a base-64 encoded string.
I am just using ComponentSpace.SAML2 library to develop my code and send request and get response from IdP server using HTTP-Artifact binding after successful login from IdP server. Is it require any licence to use you ComponentSpace.SAML2.dll file or it is free open source . If licence require, May I know what is the process to get the licence and how we can configure it in cloud environments.
We have three system, Dev is on Window, QA is in Linux and PROD is on Gcloud. May i know how this licence will work in all these environments for ComponentSpace.SAML2.dll ? is it simply deployment of ComponentSpace.SAML2.dll or any configuration require.
[quote][/quote]
If they support HTTP-Post I suggest taking a look at the ExampleServiceProvider project in the Examples\SSO\HighLevelAPI\WebForms folder.
The SAML/AssertionConsmerService.aspx page calls SAMLServiceProvider.ReceiveSSO to receive and process the SAML response.
This project is described in section 10.1 of our Developer Guide PDF which is in the Documentation folder.
You could implement ComponentSpace.SAML2.Certificates.ICertificateManager for custom certificate management.
However, it's easier to just use the default certificate management and have the certificate loaded from the file system, the Windows certificate store or a base-64 encoded string.
The SAML/AssertionConsmerService.aspx page calls SAMLServiceProvider.ReceiveSSO to receive and process the SAML response.
This project is described in section 10.1 of our Developer Guide PDF which is in the Documentation folder.
You could implement ComponentSpace.SAML2.Certificates.ICertificateManager for custom certificate management.
However, it's easier to just use the default certificate management and have the certificate loaded from the file system, the Windows certificate store or a base-64 encoded string.
Hi IdP only support HTTP-Artifact binding so i think i need to use only low level API. But i have another question below,
I am just using ComponentSpace.SAML2 library to develop my code and send request and get response from IdP server using HTTP-Artifact binding after successful login from IdP server. Is it require any licence to use you ComponentSpace.SAML2.dll file or it is free open source . If licence require, May I know what is the process to get the licence and how we can configure it in cloud environments.
We have three system, Dev is on Window, QA is in Linux and PROD is on Gcloud. May i know how this licence will work in all these environments for ComponentSpace.SAML2.dll ? is it simply deployment of ComponentSpace.SAML2.dll or any configuration require.
[quote][/quote]
If they support HTTP-Post I suggest taking a look at the ExampleServiceProvider project in the Examples\SSO\HighLevelAPI\WebForms folder.
The SAML/AssertionConsmerService.aspx page calls SAMLServiceProvider.ReceiveSSO to receive and process the SAML response.
This project is described in section 10.1 of our Developer Guide PDF which is in the Documentation folder.
You could implement ComponentSpace.SAML2.Certificates.ICertificateManager for custom certificate management.
However, it's easier to just use the default certificate management and have the certificate loaded from the file system, the Windows certificate store or a base-64 encoded string.
The SAML/AssertionConsmerService.aspx page calls SAMLServiceProvider.ReceiveSSO to receive and process the SAML response.
This project is described in section 10.1 of our Developer Guide PDF which is in the Documentation folder.
You could implement ComponentSpace.SAML2.Certificates.ICertificateManager for custom certificate management.
However, it's easier to just use the default certificate management and have the certificate loaded from the file system, the Windows certificate store or a base-64 encoded string.
Hi , IdP service provider confir they only accept HTTP-Artifact binding, But now my question on licence , I am just using ComponentSpace.SAML2 library to develop my code and send request and get response from IdP server using HTTP-Artifact binding after successful login from IdP server. Is it require any licence to use you ComponentSpace.SAML2.dll file or it is free open source . If licence require, May I know what is the process to get the licence and how we can configure it in cloud environments.
We have three system, Dev is on Window, QA is in Linux and PROD is on Gcloud. May i know how this licence will work in all these environments for ComponentSpace SAML2 library file ? is it simply deployment of ComponentSpace SAML2 library file or any configuration require.
[quote][/quote]
If they support HTTP-Post I suggest taking a look at the ExampleServiceProvider project in the Examples\SSO\HighLevelAPI\WebForms folder.
The SAML/AssertionConsmerService.aspx page calls SAMLServiceProvider.ReceiveSSO to receive and process the SAML response.
This project is described in section 10.1 of our Developer Guide PDF which is in the Documentation folder.
You could implement ComponentSpace.SAML2.Certificates.ICertificateManager for custom certificate management.
However, it's easier to just use the default certificate management and have the certificate loaded from the file system, the Windows certificate store or a base-64 encoded string.
The SAML/AssertionConsmerService.aspx page calls SAMLServiceProvider.ReceiveSSO to receive and process the SAML response.
This project is described in section 10.1 of our Developer Guide PDF which is in the Documentation folder.
You could implement ComponentSpace.SAML2.Certificates.ICertificateManager for custom certificate management.
However, it's easier to just use the default certificate management and have the certificate loaded from the file system, the Windows certificate store or a base-64 encoded string.
Hi Thanks for reply, IdP service provider confirm aboutHTTP-Artifact binding. I am just using ComponentSpace SAML2 library to develop my code and send request and get response from IdP server using HTTP-Artifact binding after successful login from IdP server. Is it require any licence to use you ComponentSpace SAML2 library file or it is free open source . If licence require, May I know what is the process to get the licence and how we can configure it in cloud environments.
I have three environment , Dev in Window, QA is in linux and PROD is GCloud. I am not sure how to configure to use ComponentSpace SAML2 library in upper environments. it simple deployment of ComponentSpace SAML2 library or there require some configuration.
It’s a commercial product. You need to purchase a license to use the product. Licenses may be purchased online.
https://www.componentspace.com/Purchase-SAMLv20.aspx
The product is a .NET class library for use with ASP.NET applications. It supports whatever environments are supported by ASP.NET. This won’t include native Linux environments.
If you use our recommended high-level API, there will be some configuration involved.
However, if using the low-level API for HTTP-Artifact support no configuration is required but you do need to write a little more code.