提取Sustainsys SAML 2.0断言 [英] Extract Sustainsys SAML 2.0 Assertion

问题描述

我的任务是通过Sustainsys(Kentor)库为我当前正在处理的项目设置SAML 2.0单一登录. 此处是我一直关注的文档.该网站是一个webforms应用程序，因此我正在使用Sustainsys库的 HTTPModule 部分.我已将我的IDP(Okta)配置为将SAML 2.0声明发送到该网站，该文档宣称该端点为/Saml 或/Saml/Acs .该网站是Kentico CMS网站，CMS提供了一个API，用于使用用户名作为参数对用户进行身份验证.

I am tasked with setting up SAML 2.0 Single Sign On via the Sustainsys (Kentor) library for the project I am currently working on. Here is the documentation I have been following. The website is a webforms application so I am using the HTTPModule portion of the Sustainsys library. I have configured my IDP (Okta) to send the SAML 2.0 assertions to the website which the documentation proclaims the Endpoint to be /Saml or /Saml/Acs. The site is a Kentico CMS website and the CMS offers an API for authenticating the user using their username as the parameter to authenticate them.

我很难弄清的部分是，一旦断言被传递，Sustainsys我该如何在应用程序内访问该数据，以便查看声明，提取用户名并验证用户身份?该文档描述了如何配置系统，但似乎没有描述如何使用它..

The part I am having a hard time figuring out is, once the assertion has been passed Sustainsys how do I then access that data within my application so that I may view the claims, extract the username, and authenticate the user? The documentation describes how to configure the system, but it doesn't seem to describe how to use it..

推荐答案

该库从SAML2断言中提取所有属性，并从中创建声明.然后，HttpModule调用SessionAuthenticationModule(您需要将其加载)来创建cookie以保留信息.

The library extracts all the attributes from the SAML2 Assertion and creates claims out of them. The HttpModule then calls the SessionAuthenticationModule (which you need to have loaded) to create a cookie to persist the info.

从应用程序内部，您只需访问HttpContext.Current.User.

From within your application, you just have to access HttpContext.Current.User.

这篇关于提取Sustainsys SAML 2.0断言的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！