rpmansion

Reputation: 2014

SAML2 Set AuthMode to active later on the app

I'm using the https://github.com/Sustainsys/Saml2 library for our app's SAML2 SSO. I would like to set the AuthMode to active later in the app. The reason behind this is that not all of our clients use SAML2, so if a client visits their domain they should be redirected to their IdP login page.

However, this AuthMode property is only available in Startup.Auth.cs and I can't access it elsewhere in the application.

By the way I'm using Owin for this.

Is there any way I can do this?

Upvotes: 1

Views: 81

Answers (1)

Anders Abel

Reputation: 69260

Yes, it's possible. Keep a reference to Saml2AuthenticationOptions around (such as a static property/field) and then change it during runtime. It will take effect immediately.

But, you probably don't want to go down that path. You already have the cookie middleware as active and the Owin pipeline is designed for only one active middleware, not multiple.

So instead, set the LoginPath in the CookieAuthenticationHandler to a controller/action that just returns a ChallengeResponse with the Saml2 authentication method as the challenge scheme. (The ChallengeResponse is included in the ASP.NET Identity boilerplate code if you create a new application.)

Upvotes: 1
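The login action described in the answer above, as an added example that is not part of the original answer or of the Sustainsys project's code. It assumes ASP.NET MVC 5 on OWIN, that the Saml2 middleware is registered as passive under the authentication type "Saml2", and that the cookie middleware's LoginPath is "/Account/Login"; `TenantUsesSaml2` and the host names are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Web;
using System.Web.Mvc;
using Microsoft.Owin.Security;

public class AccountController : Controller
{
    // Assumption: authentication type the Saml2 middleware was registered with.
    private const string Saml2Scheme = "Saml2";

    // Constructed sample data: hosts of tenants that sign in through their IdP.
    // In a real app this would come from the tenant store (hypothetical).
    private static readonly HashSet<string> Saml2Hosts =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        {
            "tenant-a.example.com",
            "tenant-b.example.com"
        };

    // The active cookie middleware redirects unauthenticated requests here
    // through its LoginPath. The Saml2 middleware stays passive and only
    // acts when it is named explicitly in a challenge.
    [AllowAnonymous]
    public ActionResult Login(string returnUrl)
    {
        // Accept only local return URLs so the login flow cannot be turned
        // into an open redirect.
        if (string.IsNullOrEmpty(returnUrl) || !Url.IsLocalUrl(returnUrl))
        {
            returnUrl = "/";
        }

        if (TenantUsesSaml2(Request.Url.Host))
        {
            var properties = new AuthenticationProperties { RedirectUri = returnUrl };
            HttpContext.GetOwinContext().Authentication.Challenge(properties, Saml2Scheme);
            // The 401 makes the challenged middleware issue the redirect to the IdP.
            return new HttpUnauthorizedResult();
        }

        // Tenants without SAML2 get the local login form.
        ViewBag.ReturnUrl = returnUrl;
        return View();
    }

    private static bool TenantUsesSaml2(string host)
    {
        return Saml2Hosts.Contains(host);
    }
}
```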
