Question
I am tasked with setting up SAML 2.0 Single Sign On via the Sustainsys (Kentor) library for the project I am currently working on. Here is the documentation I have been following. The website is a webforms application so I am using the HTTPModule portion of the Sustainsys library. I have configured my IDP (Okta) to send the SAML 2.0 assertions to the website which the documentation proclaims the Endpoint to be /Saml or /Saml/Acs. The site is a Kentico CMS website and the CMS offers an API for authenticating the user using their username as the parameter to authenticate them.
The part I am having a hard time figuring out is, once the assertion has been passed to Sustainsys, how do I then access that data within my application so that I may view the claims, extract the username, and authenticate the user? The documentation describes how to configure the system, but it doesn't seem to describe how to use it.
Answer 1:
The library extracts all the attributes from the SAML2 Assertion and creates claims out of them. The HttpModule then calls the SessionAuthenticationModule (which you need to have loaded) to create a cookie to persist the info.
From within your application, you just have to access HttpContext.Current.User.
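What reading the principal described in the answer might look like in a WebForms helper (an added example, not part of the original answer or of the Sustainsys project). The class name, method names and issuer value are hypothetical, and the code assumes the library surfaces the SAML NameID as `ClaimTypes.NameIdentifier` with the IdP's entity ID as the claim issuer.

```csharp
using System;
using System.Linq;
using System.Security.Claims;
using System.Web;

// Hypothetical helper: reads the identity that the SAML HttpModule and the
// SessionAuthenticationModule restored from the session cookie.
public static class SamlUserReader
{
    // Placeholder: replace with the entity ID of the IdP you configured.
    private const string ExpectedIssuer = "https://idp.example.invalid/entity-id";

    // Returns the username asserted by the IdP, or null when the request has
    // no authenticated session or the claim did not come from the expected IdP.
    public static string GetSamlUserName(HttpContext context)
    {
        var principal = context?.User as ClaimsPrincipal;
        if (principal?.Identity == null || !principal.Identity.IsAuthenticated)
            return null;

        // Assumption: the assertion's NameID is mapped to this claim type.
        Claim nameId = principal.FindFirst(ClaimTypes.NameIdentifier);
        if (nameId == null || string.IsNullOrWhiteSpace(nameId.Value))
            return null;

        // Only accept a username vouched for by the IdP we trust, so a claim
        // added by another identity source cannot select the local account.
        if (!string.Equals(nameId.Issuer, ExpectedIssuer, StringComparison.Ordinal))
            return null;

        return nameId.Value;
    }

    // Lists every claim (type, value, issuer) so you can see which SAML
    // attributes the IdP actually sends. Keep this out of production logs.
    public static string DescribeClaims(ClaimsPrincipal principal)
    {
        return string.Join(Environment.NewLine,
            principal.Claims.Select(c => $"{c.Type} = {c.Value} (issuer: {c.Issuer})"));
    }
}

// Usage in a page's code-behind (Page_Load):
//   string userName = SamlUserReader.GetSamlUserName(HttpContext.Current);
//   if (userName != null) { /* pass userName to the CMS authentication API */ }
```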
Source: https://stackoverflow.com/questions/51851173/extract-sustainsys-saml-2-0-assertion