Hi Dushan,

Thanks for sharing the "Componentspace". It seems a complete and comprehensive solution.

The purpose of this "agent" (we need to rename this, as it is not an agent, but a library) is to be included in a VS solution. We have no plan to install this library in IIS.

+1 on comprehensive documentation. I think we need to include:

1. The architecture of the library and the rest of the app, + WSO2 IS.
2. What a developer has to do on VS (step by step).
3. How to change the values in production.

Cheers,
Ruwan

On Wed, Jan 24, 2018 at 4:02 AM, Dushan Abeyruwan <[email protected]> wrote:

> Hi Chiran,
> Interesting work, please do come up with documentation for the
> implementation you have done (i.e. working sample illustration with images,
> the README.txt for the git project). I need to visualize the complete agent
> integration stepwise. I had looked at the repo. I believe once the agent is
> installed to the .NET web application we may need to install the agent.dll,
> then we may need to complete the following [1].
> I used to work with [2] for some demos; however, I just need to
> understand the differences between Componentspace [2] and the agent
> feature that we are offering.
>
> [1]
>
> <appSettings>
>   <add key="SAML2SSOURL" value="samlsso"/>
>   <add key="SPEntityId" value="demo-sso-agent"/>
>   <add key="AssertionConsumerURL" value="http://localhost:49763/sample/callback"/>
>   <add key="EnableResponseSigning" value="true"/>
>   <add key="HTTPBinding" value="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
>   <add key="EnableRequestSigning" value="true"/>
>   <add key="AttributeConsumingServiceIndex" value="1024541984"/>
> </appSettings>
>
> [2] https://www.componentspace.com/
>
> Cheers,
> Dushan
>
> On Sun, Jan 21, 2018 at 10:22 PM, Chiran Wijesekara <[email protected]>
> wrote:
>
>> Architecture diagram is attached below. It's not showing up in the
>> original Email due to an issue with the format.
>>
>> On Mon, Jan 22, 2018 at 10:56 AM, Chiran Wijesekara <[email protected]>
>> wrote:
>>
>>> *Introduction:*
>>>
>>> Suppose someone has an ASP.NET web application or else he/she is going
>>> to create a new one. One of your major concerns would be to provide a
>>> secure mechanism for handling user authentication and authorization.
>>>
>>> With the introduction of this SAML Agent, you can easily incorporate
>>> this agent into your ASP.NET web application and it will take care of
>>> all the things related to the SAML authentication mechanism.
>>>
>>> *Solution Architecture:*
>>>
>>> *Note: 2,7,8,3 of the above diagram denotes the resolving of the current
>>> request of interest.*
>>>
>>> The above diagram depicts the architecture for the .NET SAML agent. The
>>> agent is designed in such a way that all the requests that are coming to
>>> the ASP.NET web application will be directed to the
>>> *FilteringHttpModule*. This *FilteringHttpModule* is a class that
>>> implements the *IHttpModule* interface (i.e. a custom HTTP handler).
>>> And this *FilteringHttpModule* is responsible for handling the SAML
>>> authentication related requests. It will call the relevant method of the
>>> *SAMLManager* class to process the request.
>>>
>>> *How to incorporate Agent into a given ASP.NET web application:*
>>>
>>> This agent is developed in such a way that it has the minimum possible
>>> dependencies on the ASP.NET web application. Hence, when someone wants
>>> to incorporate SAML authentication into his/her ASP.NET web app, that could
>>> be done with minimum effort.
>>>
>>> Following is the list of items to configure the SAML Agent for a given
>>> ASP.NET web application.
>>>
>>> The process of incorporating *SAML authentication with wso2 identity
>>> server* via the SAML agent can be explained in a few steps as follows.
>>>
>>> 1. *Add* - the agent.dll reference to your ASP.NET web application (you
>>>    can get this via the NuGet package manager or else from the git repo).
>>> 2. *Configure* - the mandatory properties in your ASP.NET web
>>>    application's web.config file. Furthermore, you have to get the .jks from
>>>    the wso2 Identity Server you are using and convert it to a *pkcs*
>>>    using keytool (or else use your own pkcs12). Add the .pfx / .p12 to the
>>>    Local Machine Certificate Store.
>>> 3. *Register* - the "FilteringHttpModule" in your ASP.NET web
>>>    application to handle the requests related to the SAML authentication
>>>    mechanism.
>>> 4. *Set* - your application's login controls to refer SAML intensive
>>>    segments. That is, suppose you have a login link in your web application.
>>>    All you have to do is set the attribute, href = "/samlsso".
>>>
>>> Link to the Repo: https://github.com/chirankavinda123/saml-sso-agent-DOT-NET
>>>
>>> Any suggestion/recommendation to improve this agent's architecture would
>>> be much appreciated.
>>>
>>> Thank you.
>>> --
>>> *Chiran Wijesekara*
>>> *Software Engineering Intern | WSO2*
>>> Email: [email protected]
>>> Mobile: +94712990173
>>> web: www.wso2.com
>>>
>>> [image: https://wso2.com/signature] <https://wso2.com/signature>
>>
>> --
>> *Chiran Wijesekara*
>> *Software Engineering Intern | WSO2*
>> Email: [email protected]
>> Mobile: +94712990173
>> web: www.wso2.com
>>
>> [image: https://wso2.com/signature] <https://wso2.com/signature>
>>
>> _______________________________________________
>> Architecture mailing list
>> [email protected]
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
> --
> Dushan Abeyruwan | Architect
> Technical Support,MV
> PMC Member Apache Synapse
> WSO2 Inc. http://wso2.com/
> Blog: http://www.dushantech.com/
> LinkedIn: https://www.linkedin.com/in/dushanabeyruwan
> Mobile: (001)408-791-9312
>
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
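A pre-deployment check for the [1] appSettings block quoted in this thread, as an added example that is not part of the thread or of the agent's code. The key names come from the mail; the rules applied to their values (signing flags set to "true", HTTPS for any non-loopback AssertionConsumerURL, no whitespace left in values by line-wrapped mail) are assumptions of this example, not documented agent behaviour.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Binding URNs defined by the SAML 2.0 bindings specification.
BINDINGS = {"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
            "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"}
REQUIRED = ("SAML2SSOURL", "SPEntityId", "AssertionConsumerURL",
            "EnableResponseSigning", "HTTPBinding", "EnableRequestSigning")
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

# Constructed sample: the block as it arrived in the line-wrapped mail.
AS_MAILED = """<appSettings>
  <add key="SAML2SSOURL" value="samlsso"/>
  <add key="SPEntityId" value="demo-sso-agent"/>
  <add key="AssertionConsumerURL" value="http://localhost:49763/ sample/callback"/>
  <add key="EnableResponseSigning" value="true"/>
  <add key="HTTPBinding" value="urn:oasis:names:tc:SAML :2.0:bindings:HTTP-POST"/>
  <add key="EnableRequestSigning" value="true"/>
  <add key="AttributeConsumingServiceIndex" value="1024541984"/>
</appSettings>"""

def audit_app_settings(xml_text):
    """Return sorted findings for the <appSettings> of a web.config (or fragment)."""
    root = ET.fromstring(xml_text)
    settings = {a.get("key"): a.get("value", "")
                for s in root.iter("appSettings") for a in s.findall("add")}
    findings = [f"{k}: missing" for k in REQUIRED if k not in settings]
    for key, value in settings.items():
        if any(c.isspace() for c in value):  # wrapped mail / copy-paste damage
            findings.append(f"{key}: value contains whitespace")
    for key in ("EnableResponseSigning", "EnableRequestSigning"):
        if settings.get(key, "true").strip().lower() != "true":
            findings.append(f"{key}: signing is not enabled")
    if "HTTPBinding" in settings and settings["HTTPBinding"] not in BINDINGS:
        findings.append("HTTPBinding: not a known SAML 2.0 binding URN")
    acs = settings.get("AssertionConsumerURL")
    if acs is not None:
        url = urlsplit(acs)
        if not url.scheme or not url.hostname:
            findings.append("AssertionConsumerURL: not an absolute URL")
        elif url.hostname in LOOPBACK:
            findings.append("AssertionConsumerURL: loopback host, development only")
        elif url.scheme != "https":
            findings.append("AssertionConsumerURL: plain HTTP outside loopback")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit_app_settings(AS_MAILED)))
```

Run against the deployed web.config, an empty list means none of these checks fired; the loopback finding is expected on a developer machine and should not survive into production values.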
