[英]SAML integration with ASP.NET Core Identity
Our service provider asked for the following information for the SAML integration.我们的服务提供商要求提供以下 SAML 集成信息。
Now it's my first time trying with SAML and I need to build the identity provider and I'd like to use ASP.NET Core Identity for user authentication.现在这是我第一次尝试使用 SAML,我需要构建身份提供程序,我想使用ASP.NET Core Identity进行用户身份验证。
As I understand it right, the flow would be正如我理解的那样,流程是
I've researched and found several open-source SAML integrations with ASP.NET Core such as Sustainsys or ITfoxtec.我研究并发现了几个与 ASP.NET Core 的开源 SAML 集成,例如 Sustainsys 或 ITfoxtec。 Sustainsys has several samples and it seems like SampleIdentityServer4AspNetIdentity is the way to go.
Sustainsys 有几个示例,似乎SampleIdentityServer4AspNetIdentity是要走的路。
new EntityId("https://localhost:44342/Saml2")
and new EntityId("http://localhost:52071/Metadata")
in Startup.cs
and where can I get those values?new EntityId("https://localhost:44342/Saml2")
和new EntityId("http://localhost:52071/Metadata")
在Startup.cs
和我在哪里可以得到这些价值? Any guidance would be appreciated.任何指导将不胜感激。
The login flow you describe is correct.您描述的登录流程是正确的。
It is possible to build a identity provider using the ITfoxtec.Identity.Saml2 package and ASP.NET Core Identity.可以使用 ITfoxtec.Identity.Saml2 包和 ASP.NET Core Identity 构建身份提供程序。 I have implemented identity providers using the ITfoxtec.Identity.Saml2 package a number of times.
我已经多次使用 ITfoxtec.Identity.Saml2 包实现身份提供者。 But you need to be aware of implementing a secure solution, it needs to be done rights else you will leave the hacker a bunch of possibilities :)
但是你需要意识到实施一个安全的解决方案,它需要完成,否则你会给黑客留下一堆可能性:)
The new EntityId("https://localhost:44342/Saml2")
is the identity providers id which you define yourself. new EntityId("https://localhost:44342/Saml2")
是您自己定义的身份提供商 ID。
A link to a ASP.NET Core identity provider sample application https://github.com/ITfoxtec/ITfoxtec.Identity.Saml2/tree/master/test/TestIdPCore .指向 ASP.NET Core 身份提供程序示例应用程序https://github.com/ITfoxtec/ITfoxtec.Identity.Saml2/tree/master/test/TestIdPCore 的链接。 Howewer, the sample application is not using the ASP.NET Core Identity.
但是,示例应用程序未使用 ASP.NET Core 标识。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.