Reputation: 11
I’ve recently started using the Kentor open source packages to do an SSO connection to a PingFederate service from an ASP.NET Webforms application.
Everything seemed to work when I tested with the test service Kentor provided. However, when I connected to PingFederate, the people managing the service reported that my request was empty. Upon investigation we discovered that we needed to send login or login and password in the SAML request. Can this be done with the packages you provided?
Upvotes: 1
Views: 832
Reputation: 3341
Within PingFederate for SAML 2.0, there is no specific requirement to provide user or password, though you can pass the user as `<saml:Subject>`. Any spec-compliant "simple" signed `AuthnRequest` that merely provides a relay state, ACS URL, and EntityID of the SP will do. If your partner is running PingFederate, and they are telling you that they need the user's ID, then they are wrong, unless they are doing something very strange (which has been known to happen).
Upvotes: 1
Reputation: 69260
Do you mean that you want the `AuthnRequest` to contain a `<saml:Subject>` element with the name of the user you want to authenticate?
That's part of the SAML standard, but unfortunately not supported by Kentor.AuthServices (as of version 0.13.0).
Upvotes: 0
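To settle what an SP actually sent, decode the `SAMLRequest` value and check for the issuer, the ACS URL and the optional `<saml:Subject>` that both answers refer to. This is an added example, not code from the thread or from Kentor.AuthServices; it assumes the HTTP-Redirect binding (raw DEFLATE, then base64), leaves out signing, and uses constructed sample values and hypothetical function names.

```python
import base64
import zlib
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}
for prefix, uri in NS.items():
    ET.register_namespace(prefix, uri)

def build_authn_request(issuer, acs_url, subject=None):
    """Build a minimal unsigned AuthnRequest; `subject` adds the optional <saml:Subject>."""
    req = ET.Element(f"{{{NS['samlp']}}}AuthnRequest", {
        "ID": "_constructed-example-id",          # constructed sample value
        "Version": "2.0",
        "IssueInstant": "2024-01-01T00:00:00Z",   # constructed sample value
        "AssertionConsumerServiceURL": acs_url,
    })
    ET.SubElement(req, f"{{{NS['saml']}}}Issuer").text = issuer
    if subject is not None:
        # Schema order: Issuer first, then Subject containing a NameID.
        subj = ET.SubElement(req, f"{{{NS['saml']}}}Subject")
        ET.SubElement(subj, f"{{{NS['saml']}}}NameID").text = subject
    return ET.tostring(req)

def encode_redirect(xml_bytes):
    """HTTP-Redirect binding encoding; URL-encoding is left to the caller."""
    comp = zlib.compressobj(wbits=-15)            # raw DEFLATE, no zlib header
    return base64.b64encode(comp.compress(xml_bytes) + comp.flush()).decode()

def inspect_saml_request(saml_request):
    """Decode a SAMLRequest value and report the fields an IdP reads."""
    raw = base64.b64decode(saml_request)
    # Cap inflated size at 1 MiB so a hostile value cannot exhaust memory.
    xml_bytes = zlib.decompressobj(wbits=-15).decompress(raw, 1 << 20)
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD not allowed in SAML messages")
    root = ET.fromstring(xml_bytes)
    if root.tag != f"{{{NS['samlp']}}}AuthnRequest":
        raise ValueError("not an AuthnRequest")
    return {
        "issuer": root.findtext("saml:Issuer", namespaces=NS),
        "acs_url": root.get("AssertionConsumerServiceURL"),
        "subject": root.findtext("saml:Subject/saml:NameID", namespaces=NS),
    }
```

A result with `issuer` and `acs_url` set and `subject` equal to `None` is the "simple" request described in the first answer; a non-`None` `subject` means the request names the user to authenticate.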