Stack Overflow
Stack Overflow

Questions tagged [sustainsys-saml2]

Sustainsys.Saml2 is a .NET library for SAML2 protocol support, adding SAML2 Service Provider functionality to ASP.NET applications. The library was previously named Kentor.AuthServices

The Sustainsys.Saml2 library (formerly named Kentor.AuthServices) is an open source library that adds SAML2 service provider functionality to .NET for various ASP.NET programming models (Http Module, Mvc, Owin, ASP.NET Core)

The project source and documentation is available in the GitHub repo.

An instance of the Stub Idp of the package (an Idp that can be used for testing) is available at https://stubidp.sustainsys.com.

197 questions
2
votes
1 answer

Add SAML Authentication to .net WebAPI

I need to add SAML Authentication to my web application (WebAPI Back-End / Angular Front-End) with Azure AD as my Identity Provider. I plan to use Sustainsys.Saml2 library but I'm not sure how to correctly use the methods that the library provide.…
MindedSecurity
  • 73
  • 2
  • 7
2
votes
1 answer

Dynamically add a SAML2 authentication provider using Sustainsys.Saml2 in ASP.NET Core

I'm trying to dynamically add a SAML2 authentication scheme using IAuthenticationSchemeProvider in ASP.NET Core and the Sustainsys.Saml2 library: schemeProvider.AddScheme(new AuthenticationScheme("myAuthScheme", "myAuthScheme",…
Robert Dougan
  • 307
  • 5
  • 16
2
votes
0 answers

Dynamic external identity providers configuration in AspNet Identity

What I have IdentityServer4 project which uses ASP.NET Identity for identity management. Authentication configured to use external identity providers: AddOpenIdConnect - for openid connect compatible providers, AddSaml2 - for saml compatible ones…
Vasyl Senko
  • 1,779
  • 20
  • 33
2
votes
1 answer

Can SustainSys.Saml2 sign individual assertions when generating SamlResponses?

I'm using SustainSys.Saml2 to generate SAMLResponses within an app that, internally within my organization, acts as an IdP. The library is fully capable of signing the entire response; that works just fine. I have a new SP over which I have no…
Dalanor
  • 23
  • 3
2
votes
1 answer

Sustainsys: error: "IDX13102: Exception thrown while reading '[PII is hidden]' for Saml2SecurityToken. Inner exception: 'System.ArgumentException'."

Nuget Packages in use: Microsoft.AspNetCore.App - 2.1.1 Microsoft.NETCore.App - 2.1.0 Sustainsys.Saml2.AspNetCore2 - 2.2.0 Dotnet Core version: 2.1.302 Implementation Following code is added in the startup.cs file in…
Ashish Gamit
  • 45
  • 5
2
votes
2 answers

SP-Initiated SLO Generating multiple SLO requests

I'm using the sustainsys saml2 owin package, and I'm having problems with SP-initiated SLO. I'm new to the saml process, so there's a good chance I'm doing something wrong. Our signout workflow is as follows: User hits myapp.com/signout myapp…
Dustin Smith
  • 116
  • 1
  • 7
2
votes
1 answer

Issue logging out non-SAML authenticated user when sustainsys OWIN middleware enabled

Using sustainsys I am trying to setup SAML authentication as well as a backdoor for standard username/password authentication via in app form. I can log in and out via SAML without any issue. I can log in via the in app form but when it comes to…
Oscar Ó Foghlú
  • 33
  • 5
2
votes
1 answer

Reading relaystate from a SamlResponse

We are using SustainSys.Saml2 with IdentityServer4. We have the following flow working outlined in this question How to maintain returnurl after receiving SAML response from OneLogin When we issue a ChallengeAsync just before we are redirected to…
Jon
  • 38,814
  • 81
  • 233
  • 382
2
votes
1 answer

Provided certificate is not valid for encryption/decryption

I am using IdentityServer3 for authentication. The IdentityServer3 is using Signing certificate ( the certificate that is used for signing tokens) created using makecert ar per this article. makecert -r -pe -n "CN=SigningOnlyCert" -b 01/01/2015 -e…
LP13
  • 30,567
  • 53
  • 217
  • 400
2
votes
1 answer

IdentityServer4 with Sustainsys.Saml2 to make OAuth SAML Assertion

I have a problem to make sample which will fulfill RFC-7522. What I have is IdentityServer4 (v2.2.0) as oAuth Authorization Server (.NET Core 2.0, Console Application) and different SAML2 IdP. Now I want to use Saml Assertion to auth user. As…
Tomas Ivan
  • 2,212
  • 2
  • 21
  • 34
2
votes
1 answer

Saml2 Single Logout (SingleLogoutServiceResponseUrl) with Sustainsys and Identity Server 4

I am using Sustainsys Saml2 with Identity Server 4. A customer has asked me if we support support SAML Single Logout. They have asked for: Single Logout Request URL Single Logout Response URL From what I can see this is probably supported by…
Fanetic
  • 522
  • 5
  • 15
1
vote
0 answers

Sustainsys.Saml2 in MVC 5 application, how can we implement multitenancy properly?

We're using Sustainsys.Saml2 in our multi-tenant MVC 5 application. It's working fine for a single tenant at the moment, but we can't work out how to add additional tenants. The web.config has this...
centralscru
  • 6,580
  • 3
  • 32
  • 43
1
vote
0 answers

Multiple Sustainsys saml2 configuration in Asp.Net core

I have added multiple same2 configuration and its working fine for the first one but not working with second configuration. I have multiple Saml configuration with different schema as below. .AddSaml2("SCHM-MI", options => { …
Imrankhan Pathan
  • 11
  • 2
1
vote
1 answer

Sustainsys.Saml2.AspNetCore2 - User, claims are null after coming back from IdP

I am attempting to hook up Sustainsys.Saml2 in a new .NET Core project, but having some issues with the User/claims being null after the ACS call completes. Going to list out the packages I'm using, just for background, .NET 6.0 with: After…
Nick
  • 882
  • 2
  • 9
  • 31
1
vote
1 answer

How is expiration of the token/cookie determined?

I'm using the 'Sustainsys.Saml2' package for creating an SSO flow with an IDP. The authentication cookie has no visible "Expires /Max-Age" in the browser but instead it shows 'Session'. This way i'm not sure when a user's token expires. Our…
Arjen
  • 11
  • 1
1 2
3
13 14