kentor-authservices

Kentor AuthService - Read Subject NameID

旧时模样 提交于 2020-01-24 19:40:13
问题 How can I access to saml2:NameID from saml2:Subject response XML node by using Kentor AuthService? I couldn't find in code anything that deals with that part of XML. Maybe I'm missing something. I'm not asking about Kentor IdP, I see that there NameID is sent as additional claim, which is translated as attribute, I'm asking in general, IdP does not have to be powered by Kentor, so I can't rely that I will have this value passed as attribute. So, if it's handled I couldn't find it here: https:

KentorIT, SAML2, Okta, MVC Authentication - login issue

£可爱£侵袭症+ 提交于 2020-01-05 04:55:12
问题 I am a newbie, I have setup my MVC application that will use okta for Authentication, trying to achieve using KentorIT, when the user isn't logged-In it redirects to Okta, and but Okta sent the response back, I am getting null in loginInfo object always. public async Task<ActionResult> ExternalLoginCallback(string returnUrl) { var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync(); if (loginInfo == null) { return RedirectToAction("Login"); } I have put my POC code at below

Programatically configure sso settings using kentor

偶尔善良 提交于 2019-12-23 01:06:14
问题 I have an MVC application (.Net Framework 4.5) which is been there for the last three years and using Forms Authentication mechanism. Now we want to integrate SSO feature with the help of Okta. Using KentorIT Authentication services I was able to integrate Okta with my mvc application. In that, all the configurations are being set in the web.config file (eg: entityId, signOnUrl etc.). Is there a way to programmatically configure these sso settings? I found that KentorAuthServicesSection is

Identify okta account on sign-in

会有一股神秘感。 提交于 2019-12-12 05:46:07
问题 I have an MVC application (.Net Framework 4.5) which is been there for the last three years and using Forms Authentication mechanism. This application provides different accounts like Personal, freebie, Enterprise etc. For an enterprise account, we are handling everything in the same application. I.e. Suppose an enterprise called “xyz” created an enterprise account with the application, then we are providing a custom url like “https://application/xyz/login” and from the url we are identifying

Kentor AuthServices - serviceCertificates for SP (.pfx with password protected) throwing network password error

北城余情 提交于 2019-12-11 13:16:42
问题 Error : The specified network password is not correct. Description: An un handled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: The specified network password is not correct. Reason: I can only export certificate '.pfx' with the password protected. "Kentor AuthServices" doesn't support password protected as I understand.. It is said that this issue

What are AudienceRestrictionConditions in KentorAuthServices?

你离开我真会死。 提交于 2019-12-11 05:46:33
问题 Im working with Kentor Auth Services. Im getting an error when testing the SAML integration using Kentor Sample Idp ID1035: The SAML Assertion did not contain any AudienceRestrictionConditions. To accept assertions without AudienceRestrictionConditions, set SecurityTokenHandlerConfiguration.AudienceRestriction.AudienceMode to AudienceUriMode.Never. Can someone let me know why im getting this error. Also I'm seeing a field called Audience. I have left it as blank since im not sure what needs

Kentor AuthServices: ClaimTypeNamespace for SessionIndex and LogoutNameIdentifier

丶灬走出姿态 提交于 2019-12-11 05:29:58
问题 As a service provider we are getting following claims from IDP (ADFS). http://kentor.se/AuthServices/LogoutNameIdentifier http://kentor.se/AuthServices/SessionIndex In AuthServices codebase AuthServicesClaimTypes.ClaimTypeNamespace is set to http://kentor.se/AuthServices. Should this namespace reflect SP (https://mysite/AuthServices)? Also, under identityProviders configuration section (web.config), I am not setting logoutUrl, but still I am getting LogoutNameIdentifier claim from Idp. We do

Using Kentor.AuthServices.StubIdp as production IDP

北慕城南 提交于 2019-12-10 13:17:24
问题 I'm trying to implement an IDP (SAML2) server inside my application. I don't want any of my partners to ask our customers to register on their side given the fact that my application has all the data needed. I'm not very familiar with the SAML2 protocol. I found the project Kentor.AuthServices.StubIdp to be the most interesting because it implements everything I need. I'm also aware that it's not built for production purposes. I planned to build the IDP on top of StubIdp, because I can't

Kentor HTTPModule- ADFS Login SAMLResponse ERROR

最后都变了- 提交于 2019-12-10 12:18:17
问题 In our ASP.Net project, I am using Kentor.AuthServices.HTTPModule and have configured ADFS. Have given the SAML Assertion Consumer Binding as "redirect" and Trusted-URL as "ourSiteUrl". After ADFS login is successful, it will redirect to ourSiteURL/AuthServices/Acs?SAMLResponse=... and it throws an Exception Kentor.AuthServices.Exceptions.InvalidSignatureException: Cannot verify signature of message from unknown sender win-3obaenpbsol.dc10.inapp.com/adfs/services/trust. What could be the