如何将CA SSO（CA Siteminder）SAML IdP配置为asp.net azure Web应用程序？

Question

I have an azure web app. Now, I am trying to install shibboleth service provider for my web app. I found a way to do this though this blog . Is there any other way to set up shibboleth sp without installing a VM on azure?

I have searched a lot on web but all they show is to set up SSO in azure using Azure active directory as IdP.

Is there any way to configure my external Idp to web app in azure?

Answer 1

SSL is the first layer of defense for an SSO web application. Thus you must obtain an SSL certificate for your web site's URL.

The biggest trick seems to be configuring Azure and Visual Studio to not get confused between the remote desktop certificate and the SSL certificate. The Azure instructions for configuring SSL you could refer to.

Here are the most important points as below:

1.You will need to have the certificate in a PFX file so it can be uploaded to Azure. This PFX file must contain the certificate's private key! You will also need the certificate thumbprint.

2.Modify the cloud service's service definition and service configuration files.

3.Upload the SSL certificate to your cloud service application.

4.Now the SSL-modified cloud service application needs to be uploaded to Azure.

5.Browse to your web site using HTTPS. Fingers crossed! It should work but HTTP should be rejected.

If you need to set up a test IdP, Microsoft has produced a series of videos on how to do this.

Of course there is the Shibboleth IdP documentation at shibboleth.net .

You should also have downloaded the Shibboleth SP 64-bit Windows/IIS 7 MSI file. Get the latest version from the download site .

Now when you browse to your Azure web site you should be redirected to your IdP's login page. Once you successfully log in you should be redirected back to your web app. There will now be session variables that contain authentication attributes such as IdP URN, user name, and so on.

For more details, you could refer to this blog .