saml

WCF Interop with Axis2 using WS-Trust

百般思念 提交于 2020-01-01 03:12:05
问题 We are trying to get WCF and Java talking to each other using SAML tokens issued from an STS. Despite the fact that both sides are compliant with the standards, WS-Security, WS-Trust, WS-Policy, etc., they don't seem to talk to each other and one or the other will throw cryptic exceptions or ignore security headers. We are using .NET 3.5, WCF Federation binding on the MS side, and Axis2/Rampart/Rahas on the java side. Has anyone ever been able to make this work? 回答1: Axis2 is incomplete in

WCF Interop with Axis2 using WS-Trust

久未见 提交于 2020-01-01 03:10:14
问题 We are trying to get WCF and Java talking to each other using SAML tokens issued from an STS. Despite the fact that both sides are compliant with the standards, WS-Security, WS-Trust, WS-Policy, etc., they don't seem to talk to each other and one or the other will throw cryptic exceptions or ignore security headers. We are using .NET 3.5, WCF Federation binding on the MS side, and Axis2/Rampart/Rahas on the java side. Has anyone ever been able to make this work? 回答1: Axis2 is incomplete in

How to validate ADFS SAML token

≡放荡痞女 提交于 2019-12-31 14:34:25
问题 I am currently generating SAML tokens from ADFS like this: WSTrustChannelFactory factory = null; try { // use a UserName Trust Binding for username authentication factory = new WSTrustChannelFactory( new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential), new EndpointAddress("https://adfs.company.com/adfs/services/trust/13/usernamemixed")); factory.TrustVersion = TrustVersion.WSTrust13; factory.Credentials.UserName.UserName = "user"; factory.Credentials.UserName.Password =

How to validate ADFS SAML token

僤鯓⒐⒋嵵緔 提交于 2019-12-31 14:34:15
问题 I am currently generating SAML tokens from ADFS like this: WSTrustChannelFactory factory = null; try { // use a UserName Trust Binding for username authentication factory = new WSTrustChannelFactory( new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential), new EndpointAddress("https://adfs.company.com/adfs/services/trust/13/usernamemixed")); factory.TrustVersion = TrustVersion.WSTrust13; factory.Credentials.UserName.UserName = "user"; factory.Credentials.UserName.Password =

How to parse a SAML assertion request in .Net

你离开我真会死。 提交于 2019-12-30 06:46:26
问题 I'm trying to implement a SAML SSO solution in .Net, but I'm having a problem parsing the assertion. I have a sample assertion (looks like byte[] data as text) and corresponding .p7b file. I want to load the keys from the .p7b and decrypt the assertion to an XML document. So far I think I'm reading the keys correctly: // get the key data byte[] certificateData = System.IO.File.ReadAllBytes("myKeys.p7b"); // decode the keys var cms = new SignedCms(SubjectIdentifierType.IssuerAndSerialNumber);

What to present at SAML EntityID URL?

五迷三道 提交于 2019-12-30 02:36:13
问题 I am trying to implement a SSO that is provided by another website. The instructions ask me to enter "issuer" info. Which turns out is equivalent to the EntityID URL in the EntityDescriptor. I am assuming I need to set that URL to some url on my server, but what I cant seem to figure out, is what that URL actually does. I assume a file needs to be placed at that URL with some information, but I can not seem to work out what that info is. So what info is required at the EntityID URL in order

统一用户认证和单点登录解决方案

拜拜、爱过 提交于 2019-12-29 13:16:12
本文以某新闻单位多媒体数据库系统为例,提出建立企业用户认证中心,实现基于安全策略的统一用户管理、认证和单点登录,解决用户在同时使用多个应用系统时所遇到的重复登录问题。 随着信息技术和网络技术的迅猛发展,企业内部的应用系统越来越多。比如在媒体行业,常见的应用系统就有采编系统、排版系统、印刷系统、广告管理系统、财务系统、办公自动化系统、决策支持系统、客户关系管理系统和网站发布系统等。由于这些系统互相独立,用户在使用每个应用系统之前都必须按照相应的系统身份进行登录,为此用户必须记住每一个系统的用户名和密码,这给用户带来了不少麻烦。特别是随着系统的增多,出错的可能性就会增加,受到非法截获和破坏的可能性也会增大,安全性就会相应降低。针对于这种情况,统一用户认证、单点登录等概念应运而生,同时不断地被应用到企业应用系统中。 统一用户管理的基本原理 一般来说,每个应用系统都拥有独立的用户信息管理功能,用户信息的格式、命名与存储方式也多种多样。当用户需要使用多个应用系统时就会带来用户信息同步问题。用户信息同步会增加系统的复杂性,增加管理的成本。 例如,用户X需要同时使用A系统与B系统,就必须在A系统与B系统中都创建用户X,这样在A、B任一系统中用户X的信息更改后就必须同步至另一系统。如果用户X需要同时使用10个应用系统,用户信息在任何一个系统中做出更改后就必须同步至其他9个系统

Public SAML v2 service providers for testing? [closed]

泪湿孤枕 提交于 2019-12-29 10:08:32
问题 Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 5 months ago . I'm wondering if there are any publicly available SAML v2 SPs that I can use to test with. I think Salesforce and Google apps both have an SSO solution which is compatible, but I'm just not sure how to go about getting access (and unclear whether it costs.) Maybe I should just set up an SP (using OpenSSO or

Public SAML v2 service providers for testing? [closed]

末鹿安然 提交于 2019-12-29 10:08:12
问题 Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 5 months ago . I'm wondering if there are any publicly available SAML v2 SPs that I can use to test with. I think Salesforce and Google apps both have an SSO solution which is compatible, but I'm just not sure how to go about getting access (and unclear whether it costs.) Maybe I should just set up an SP (using OpenSSO or

How To Become a SAML Service Provider

*爱你&永不变心* 提交于 2019-12-29 02:18:06
问题 My company currently develops a Java web application. A couple of our clients have internal SAML servers (identity providers?) and have requested that we integrate with them. So recently I've been reading up on it and playing around with OpenAM. After about 3 days of this, I have a general understanding of it, but there are still some gaps in my knowledge. My hope is that someone can clear this up for me. So here's how I imagine the workflow of a user logging in. Let's define our customers
订阅 saml