SAML Metadata Generation and Consumption

The Metadata for the OASIS Security Assertion Markup Language (SAML) V2.0 specification defines a format for exchanging SAML configuration information. This exchange occurs out-of-band (e.g. by downloading from web sites or by email) between partner organizations as part of establishing a single sign-on environment. The use of SAML metadata is entirely optional. Information, including endpoint URLs etc, may be exchanged in any manner convenient to the partner organizations.

Importing SAML Metadata
The included ImportMetadata application imports a SAML metadata file into the high-level API SAML configuration (saml.config).
Usage:
ImportMetadata.exe

where the file contains the SAML entities descriptor or entity descriptor metadata to be imported into saml.config.
For example, the following imports IdP metadata into saml.config:
ImportMetadata.exe idp-metadata.xml
The saml.config file, if any, is assumed to be in the current directory.
If it doesn’t exist, a saml.config file is created. Otherwise, metadata is merged into the existing saml.config.
A saml.config partner provider entry is created for each entity descriptor in the metadata.
The updated saml.config includes “TODO” instructions where additional information is required or needs review.

Exporting SAML Metadata
The included ExportMetadata application exports the high-level API SAML configuration (saml.config) to SAML metadata.
Usage:
ExportMetadata.exe
where the partner name specifies the partner provider in the SAML configuration and a metadata file containing the SAML entity descriptor metadata is created.
For example, the following exports saml.config to a metadata file:
ExportMetadata.exe http://localhost/ExampleIdentityProvider sp-metadata.xml
The saml.config file is assumed to be in the current directory. The X.509 certificate specified in saml.config is assumed to be accessible.

A single metadata entity descriptor is created for the local provider configured in saml.config.
The generated metadata includes “TODO” instructions where additional information is required or needs review.

[quote]
ComponentSpace - 2/21/2014
Exporting SAML Metadata

The included ExportMetadata application exports the high-level API SAML configuration (saml.config) to SAML metadata.
Usage:
ExportMetadata.exe []
where the partner name specifies the partner provider in the SAML configuration, the certificate file contains the local provider’s X.509 certificate, and a metadata file containing the SAML entity descriptor metadata is created.
For example, the following exports saml.config to a metadata file:
ExportMetadata.exe urn:componentspace:ExampleIdentityProvider sp.cer sp-metadata.xml
The saml.config file is assumed to be in the current directory.

A single metadata entity descriptor is created for the local provider configured in saml.config.
The generated metadata includes “TODO” instructions where additional information is required or needs review.

[/quote]

Hi, i'm trying to export metadata with certificate and according to the post above ExportMetadata.exe expects 3 args, but in the source code i can see, that used only 2 params: partnerName and metadataFileName.
So the question. How to add certificate do the exported metadata?
screenshot https://www.screencast.com/t/x206wpgjsg

My apologies. The information about ExportMetadata taking a certificate file parameter is out of date. This is no longer the case. I’ve updated the post accordingly.
ExportMetadata takes two parameters - the name of the partner provider and the name of the generated metadata file.
It assumes that the saml.config file is in the current working directory.
It also assumes that certificates referenced by saml.config are accessible.
For example:
ExportMetadata.exe http://localhost/ExampleIdentityProvider sp-metadata.xml
This references the saml.config in the current directory.
If the saml.config includes LocalCertificateFile=“Certificates\sp.pfx”, this certificate file is used to include the certificate (public key only) in the metadata.

I’m trying to export metadata WITH CERTIFICATE from examples, which came with Library by following instructions above and no success.
The video of process https://www.screencast.com/t/TqXmVjJUzT
Attached files from video (but again, there are files from Your example)
Plz, help me understand what is wrong and how to get metadata with certificate.

In fact, generated metadata doesn’t contain any info from saml.config.
No SingleSignOnServiceUrl, no SingleLogoutServiceUrl, no AssertionConsumerService and of course, no certificate.


The certificate should be included in the generated SAML metadata so I’m not sure why it isn’t.
What version of the ComponentSpace.SAML2 DLL are you using?
http://www.componentspace.com/Forums/31/Determining-the-Component-Version-and-License
The URLs won’t be included as there isn’t sufficient information in the saml.config.
Instead we include TODO placeholders with instructions for substituting the absolute URLs from your application.

[quote]
ComponentSpace - 1/30/2017
The certificate should be included in the generated SAML metadata so I'm not sure why it isn't.
What version of the ComponentSpace.SAML2 DLL are you using?
http://www.componentspace.com/Forums/31/Determining-the-Component-Version-and-License
The URLs won't be included as there isn't sufficient information in the saml.config.
Instead we include TODO placeholders with instructions for substituting the absolute URLs from your application.

[/quote]


lib version. https://www.screencast.com/t/Mg8m1M5NBKF0

the library, all the files were attached to previous post.

That link isn’t working for me.
Could you tell me what the version number is?
If you run the ExportMetadata without any arguments, what does the usage message say?
The older version included a certificate file argument. The newer versions don’t.

[quote]
ComponentSpace - 1/31/2017
That link isn't working for me.
Could you tell me what the version number is?
If you run the ExportMetadata without any arguments, what does the usage message say?
The older version included a certificate file argument. The newer versions don't.

[/quote]


lib version is 2.6.0.16
attached all the libraries and .exe to this post.

if i run without arguments, it throws exception about arguments. https://www.screencast.com/t/8sQy548V1
[quote]
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Lenovo>cd C:\test_m
C:\test_m>ExportMetadata.exe
System.ArgumentException: Wrong number of arguments.
at ExportMetadata.Program.ParseArguments(String[] args) in C:\Program Files (
x86)\ComponentSpace SAML v2.0 for .NET\Examples\Metadata\ExportMetadata\Program.
cs:line 33
at ExportMetadata.Program.Main(String[] args) in C:\Program Files (x86)\Compo
nentSpace SAML v2.0 for .NET\Examples\Metadata\ExportMetadata\Program.cs:line 69
ExportMetadata
The saml.config in the current directory is exported.
C:\test_m>
[/quote]




Thanks for the attached files. The version you’re using is 2.6.0.13. I tested with this and reproduced the issue.
I then tried with the latest version (2.6.0.18) and the certificate was correctly included.
Please contact support@componentspace.com, mentioning this topic, to discuss moving up to the latest release.