Reputation: 297
I have an Identity Provider that I wish to perform SSO against using SAML 2.0.
I'm using https://github.com/KentorIT/authservices
The IdP configuration is:
Entity Id: https://xxx.yyy.com/auth
Assertion Consumer Service URL: http://zzz:1111/AuthServices/Acs
I have created a self-signed certificate and added it to the local project.
The local configuration:
<kentor.authServices entityId="https://xxx.yyy.com/Files/Metadata/IdP/Saml"
                     returnUrl="http://localhost:8585/">
  <identityProviders>
    <add entityId="https://xxx.yyy.com/"
         signOnUrl="https://xxx.yyy.com/Saml/Login.aspx"
         allowUnsolicitedAuthnResponse="true" binding="HttpRedirect">
      <signingCertificate fileName="~/App_Data/SelfSignedCertificate-2016-01-10-22-37.cer" />
    </add>
  </identityProviders>
  <federations>
    <add metadataLocation="http://localhost:52071/Federation" allowUnsolicitedAuthnResponse="true" />
  </federations>
</kentor.authServices>
I will appreciate any kind of help as I'm stuck with this.
Thanks
Gilad
Upvotes: 0
Views: 1228
Reputation: 69280
entityId, in the kentor.authServices root element, should be the identifier you use for your site. Typically http://zzz:1111/AuthServices, which is the ACS URL minus the last part.
signingCertificate, within the identityProviders/add element, should not be your own certificate, but the certificate that the IdP uses to sign messages.
federations element should be completely removed. It points to the local development environment, that it looks like you've copied the config from.
Upvotes: 1
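The three corrections from the answer above, applied to the configuration in the question, as an added example that is not part of either post. The certificate file name is a placeholder (assumption) for the certificate obtained from the IdP; every other value is taken from the page unchanged.

```xml
<!-- Added example: the question's configuration with the answer's three changes applied. -->
<!-- 1. entityId now identifies this site: the ACS URL minus the last path segment. -->
<kentor.authServices entityId="http://zzz:1111/AuthServices"
                     returnUrl="http://localhost:8585/">
  <identityProviders>
    <add entityId="https://xxx.yyy.com/"
         signOnUrl="https://xxx.yyy.com/Saml/Login.aspx"
         allowUnsolicitedAuthnResponse="true" binding="HttpRedirect">
      <!-- 2. Placeholder file name (assumption): the public certificate the IdP signs
           its messages with, not the self-signed certificate created locally. -->
      <signingCertificate fileName="~/App_Data/idp-signing-certificate.cer" />
    </add>
  </identityProviders>
  <!-- 3. The federations element is removed; it pointed at a local development environment. -->
</kentor.authServices>
```

The signingCertificate entry is what signatures on incoming responses are checked against, so it has to be the IdP's certificate for its messages to validate.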