
SSO/SAML with .NET application

Background

I have a .NET (not MVC or ASP.NET) application (which is an Excel plugin), which performs 1 REST call for data (the REST call is a protected resource - requires an authenticated user). Currently this Excel plugin authenticates with the REST backend using basic authentication (with username/password input fields). Users are authenticated on a Windows domain.

Problem

I want to get rid of the username/password inputs and start using SAML2 to achieve true single sign-on for these users from within this .NET application.

Question 1: Is it possible to perform client-side SAML2 authentication for my app?

Which framework/library to use?

If it is possible (I hope so...), I found this info:

"There is no official C# client-side protocol stack, but there are various 3rd party libraries which implement SAML2", but these all seem focused on ASP.NET.

  • Sustainsys.Saml2
  • OneLogin
  • AspNetSaml
  • ITfoxtec

I've tried several libraries but they all seem to want to redirect the user (in browser - which I don't use in the app) to a specific endpoint.

I am no .NET guru, so if it is possible, any library with a clear example/tutorial would be really appreciated.

Followup 2018-12-13

So, real SAML authentication is only possible when including a WebBrowserControl in a custom pane in this Excel Add-In application. This WebBrowserControl will handle the SAML negotiation (including following all redirects etc). However, I just noticed when I access the URL which triggers the SAML authentication in Firefox (which has empty NTLM trusted URIs) that I get an authentication popup. When I enter my credentials I am authenticated.

Question 2

Can I still perform the SAML negotiation in the .NET backend without the WebBrowserControl, but by supplying the username + password which I currently still have in my GUI? Can I set the correct headers at some point in the process? If so, how?

List of SAML stacks.

Why SAML?

SAML uses browser redirects as you've pointed out.

I would suggest using the ADAL libraries, i.e. OpenID Connect.
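
The browser redirect mentioned in this answer, shown as an added example that is not part of the original post or of any library named on this page: C# code that packs a SAML2 AuthnRequest into the HTTP-Redirect binding URL (raw DEFLATE, then Base64, then URL-encoding) and decodes it again as the identity provider would. The `sp.example.test` and `idp.example.test` hosts, the `/acs` and `/sso` paths and the class name are constructed placeholders.

```csharp
using System;
using System.IO;
using System.IO.Compression;
using System.Text;

// Added illustration; hosts, paths and the class name are constructed placeholders.
static class SamlRedirectBinding
{
    // HTTP-Redirect binding encoding: raw DEFLATE -> Base64 -> URL-encode.
    public static string Encode(string xml)
    {
        using (var buffer = new MemoryStream())
        {
            using (var deflate = new DeflateStream(buffer, CompressionMode.Compress, true))
            {
                byte[] bytes = Encoding.UTF8.GetBytes(xml);
                deflate.Write(bytes, 0, bytes.Length);
            } // disposing the DeflateStream flushes the final block into the buffer
            return Uri.EscapeDataString(Convert.ToBase64String(buffer.ToArray()));
        }
    }

    // Reverse of Encode: what the identity provider does with the SAMLRequest parameter.
    public static string Decode(string samlRequest)
    {
        byte[] compressed = Convert.FromBase64String(Uri.UnescapeDataString(samlRequest));
        using (var inflate = new DeflateStream(new MemoryStream(compressed), CompressionMode.Decompress))
        using (var reader = new StreamReader(inflate, Encoding.UTF8))
        {
            return reader.ReadToEnd();
        }
    }

    static void Main()
    {
        string request =
            "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" " +
            "xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" " +
            "ID=\"_" + Guid.NewGuid().ToString("N") + "\" Version=\"2.0\" " +
            "IssueInstant=\"" + DateTime.UtcNow.ToString("s") + "Z\" " +
            "AssertionConsumerServiceURL=\"https://sp.example.test/acs\">" +
            "<saml:Issuer>https://sp.example.test</saml:Issuer></samlp:AuthnRequest>";

        string encoded = Encode(request);
        // The service provider answers an unauthenticated call with a 302 to this URL.
        // The user agent follows it, the user authenticates at the identity provider,
        // and the resulting SAMLResponse is POSTed back to the ACS URL by that same agent.
        Console.WriteLine("https://idp.example.test/sso?SAMLRequest=" + encoded);
        Console.WriteLine(Decode(encoded));
    }
}
```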
