SSO for GoToMeeting(citrix) using SAML

rajneesh · January 13, 2016, 1:47am

Hi,

I have one query on citrix-GoToMeeting using SAML, how to create , configure the setup using componentSpace saml 2.0? can anybody know the step by step procedure in c#.

Regards,
Rajneesh.

ComponentSpace · January 13, 2016, 5:32pm

As a starting point, I suggest using the SAML high-level API ExampleIdentityProvider.
You will need to enable SAML SSO in Citrix including specifying your identity provider’s configuration.
The following link is the starting point for the Citrix SAML SSO documentation.
http://support.citrixonline.com/en_US/meeting/all_files/G2M790099
The following page describes configuring the identity provider in Citrix.
http://support.citrixonline.com/en_US/Meeting/all_files/G2M710103
Log into the Organization Center and manually setup your identity provider.
For the sign-in page specify the SSO service URL (eg http://localhost/ExampleIdentityProvider/SAML/SSOService.aspx).
The sign-in binding can be either redirect or post.
For the sign-out page specify the SLO service URL (eg http://localhost/ExampleIdentityProvider/SAML/SLOService.aspx).
The sign-out binding can be either redirect or post.
The identity provider entity ID corresponds to the Name attribute value in your saml.config (eg http://localhost/ExampleIdentityProvider).
The verification certificate is the certificate that should be used to verify XML signatures generated by the identity provider (eg idp.cer).
You will also need to add a entry to the identity provider’s saml.config.
The following page describes the Citrix service provider configuration including its SAML metadata.
http://support.citrixonline.com/en_US/Meeting/all_files/G2M710001
The Citrix SAML metadata is available from:
https://login.citrixonline.com/saml/sp
The entry in saml.config for Citrix should be:

<PartnerServiceProvider Name=“https://login.citrixonline.com/saml/sp”
Description=“Citrix”
WantAuthnRequestSigned=“true”
SignSAMLResponse=“false”
SignAssertion=“true”
EncryptAssertion=“false”
AssertionConsumerServiceUrl=“https://login.citrixonline.com/saml/acs”
SingleLogoutServiceUrl=“https://login.citrixonline.com/saml/SingleLogout”
PartnerCertificateFile=“citrixonline.cer”/>

We support relay state so the one assertion consumer service URL may be specified.
The Citrix certificate file may be created by copying the base-64 encoded X.509 certificate from the Citrix SAML metadata into citrixonline.cer.