Hi Chiran,
Interesting work, please do come up with a documentation for the
implementation you have done (i.e working sample illustration with images,
the README.txt for the git project). I need to visualize the complete agent
integration stepwise. I had looked the repo. I believe once the agent
installed to the .net web application we may need to install the agent.dll
then we may need to complete following[1]
I used to work with the [2] for some demos, however, just need to
understand the differences between the Componentspace [2] vs the agent
feature that we are offering
[1]
<appSettings>
<add key="SAML2SSOURL" value="samlsso"/>
<add key="SPEntityId" value="demo-sso-agent"/>
<add key="AssertionConsumerURL" value="http://localhost:49763/
sample/callback"/>
<add key="EnableResponseSigning" value="true"/>
<add key="HTTPBinding" value="urn:oasis:names:tc:
SAML:2.0:bindings:HTTP-POST"/>
<add key="EnableRequestSigning" value="true"/>
<add key="AttributeConsumingServiceIndex" value="1024541984"/>
</appSettings>
[2] https://www.componentspace.com/
Cheers,
Dushan
On Sun, Jan 21, 2018 at 10:22 PM, Chiran Wijesekara <[email protected]>
wrote:
> Architecture diagram is attached below. It's not showing up in the
> original Email due to an issue with the format.
>
>
> On Mon, Jan 22, 2018 at 10:56 AM, Chiran Wijesekara <[email protected]>
> wrote:
>
>>
>> *Introduction:*
>>
>> Suppose someone has an ASP.NET web application or else he/she is going
>> to create a new one. One of your major concerns would be to provide a
>> secure mechanism for handling user authentication and authorization.
>>
>> With the introduction of this SAML Agent, you can easily incorporate this
>> agent into your ASP.NET web application and it will take care of all the
>> things related to SAML authentication mechanism.
>>
>> *Solution Architecture:*
>>
>>
>> *Note: 2,7,8,3 of the above diagram denotes the resolving of the current
>> request of interest.*
>>
>> The above diagram depicts the architecture for the .NET SAML agent. The
>> agent is designed in such a way that all the requests that are coming to
>> the ASP.NET web application will be directed to the *FilteringHttpModule*.
>> This *FilteringHttpModule* is a class that implements the *IHttpModule
>> *interface
>> (i.e. a custom HTTP handler). And this *FilteringHttpModule* is
>> responsible for handling the SAML authentication related request. It will
>> call the relevant method of *SAMLManager *class to process the request.
>>
>> *How to incorporate Agent into a given ASP.NET <http://ASP.NET> web
>> application:*
>>
>> This agent is developed in a way such that it has minimum possible
>> dependencies on the ASP.NET web application. Hence, when someone wants
>> to incorporate SAML authentication into his/her ASp.NET web app, that could
>> be done with a minimum effort.
>>
>> Following is the list of items to configure SAML Agent for a given
>> ASP.NET web application.
>>
>> The process of incorporating *SAML authentication with wso2 identity
>> server* via SAML agent can be explained in few steps as follows.
>>
>> 1.
>>
>> *Add* - the agent.dll reference to your Asp.NET web application(You
>> can get this via NuGet package manager or else from the git repo)
>> 2.
>>
>> *Configure* - the mandatory properties in your ASP.NET web
>> application’s web.config file. Furthermore, you have to get the .jks from
>> the wso2 Identity Server you are using and convert it to a *pkcs*
>> using keytool.(Or else use your own pkcs12). Add the .pfx / .p12 to the
>> Local Machine Certificate Store.
>> 3.
>>
>> *Register* - the “FilteringHttpModule” in your ASP.NET web
>> application to handle the requests related to SAML authentication
>> mechanism.
>> 4.
>>
>> *Set* - your application’s login controls to refer SAML intensive
>> segments. That is, suppose you have a login link in your web application.
>> All you have to do is set the attribute, href = “/samlsso”.
>>
>>
>>
>> Link to the Repo: https://github.com/chirankavin
>> da123/saml-sso-agent-DOT-NET
>> <https://github.com/chirankavinda123/saml-sso-agent-DOT-NET>
>> Any suggestion/recommendation to improve this agent's architecture would
>> be much appreciated.
>>
>> Thank you.
>> --
>> *Chiran Wijesekara*
>>
>>
>> *Software Engineering Intern | WSO2*Email: [email protected]
>> Mobile: +94712990173web: www.wso2.com
>>
>> [image: https://wso2.com/signature] <https://wso2.com/signature>
>>
>
>
>
> --
> *Chiran Wijesekara*
>
>
> *Software Engineering Intern | WSO2*Email: [email protected]
> Mobile: +94712990173web: www.wso2.com
>
> [image: https://wso2.com/signature] <https://wso2.com/signature>
>
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>
--
Dushan Abeyruwan | Architect
Technical Support,MV
PMC Member Apache Synpase
WSO2 Inc. http://wso2.com/
Blog:*http://www.dushantech.com/ <http://www.dushantech.com/>*
LinkedIn:*https://www.linkedin.com/in/dushanabeyruwan
<https://www.linkedin.com/in/dushanabeyruwan>*
Mobile:(001)408-791-9312
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
