ITfoxtec SAML2可以支持多个IdP吗? [英] Can ITfoxtec SAML2 supprot multiple IdPs?
问题描述
我正在尝试使我的ASP.NET MVC Web应用程序为多个IdP提供SSO,并且我想知道是否可以使用ITfoxtec.SAML2库来支持此方案.
I am attempting to make my ASP.NET MVC web app provide SSO to multiple IdPs, and I am wondering if it is possible to support this scenario using the ITfoxtec.SAML2 library.
我有许多不同的客户,其中一些客户希望与我的服务进行SSO集成.每个客户端都有一个不同的子域(例如business1.myapp.com,business2.myapp.com等),我将需要使用其名称的唯一部分来查找其元数据并生成一个配置,该配置将跟他们说话.
I have many different clients, several of whom want to have an SSO integration with my service. Each of the clients has a different sub-domain (e.g. business1.myapp.com, business2.myapp.com, etc.) and I will need to use their unique part of the name to look up their metadata and produce a configuration that will talk back to them.
我看到的示例代码似乎在支持一种SP方案的更传统的IdP.
The example code that I have seen seems to be supporting a more traditional one IdP to one SP scenario.
此外,如果有人知道非核心ASP.NET MVC示例应用程序,我将不胜感激,知道在哪里可以找到它.
Additionally, if any one knows of a non-Core ASP.NET MVC example application, I would be profoundly grateful to know where to find it.
推荐答案
在您的情况下,我将实现一些 Saml2Configuration 逻辑,在这里我可以要求特定的 Saml2Configuration 当前的IdP.然后,在 AuthController 中使用此特定的 Saml2Configuration .
In your case I would implement some Saml2Configuration logic, where I can ask for a specific Saml2Configuration for the current IdP. This specific Saml2Configuration is then used in the AuthController.
在使用通用的 Saml2Configuration 进行 binding.ReadSamlResponse(Request.ToGenericHttpRequest(),saml2AuthnResponse)之后,您可以在 saml2AuthnResponse.Issuer 中读取IdP发行者代码>.然后加载正确的 Saml2Configuration .
After a binding.ReadSamlResponse(Request.ToGenericHttpRequest(), saml2AuthnResponse) with a generic Saml2Configuration you can read the IdP issuer in saml2AuthnResponse.Issuer. And then load the correct Saml2Configuration.
A link to a non-Core ASP.NET MVC relaying party sample application https://github.com/ITfoxtec/ITfoxtec.Identity.Saml2/tree/master/test/TestWebApp
这篇关于ITfoxtec SAML2可以支持多个IdP吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
