Reputation: 1
Is it possible to use Sustainsys.SAML2 without ASP.NET cookie authentication?
I'm trying to implement SAML as service provider in our ASP.NET 4x application using Sustainsys SAML2 but I'm starting to wonder if this is the right way to go. The application is technically ASP.NET MVC, but we only use one mvc page to load the frontend SPA (angular). As the application is also multitenant I have mostly focused on the OWIN-version of Sustainsys (as the ASP.NET MVC version doesnt seem to support different configurations based on the request). But we also use custom authentication and the Sustainsys library seems tightly linked to the ASP.NET cookie authentication, which I dont know that much about. Is it possible to use this library without ASP.NET authentication?
Upvotes: 0
Views: 833
Answers (1)
Reputation: 69280
Yes, it is possible. Hook the AcsCommandResultCreated notification and set the HandledResult flag on CommandResult to true to supress the default handling, including calls to the cookie authentication. Then do whatever you want to do.
Note that you would need to copy parts of the CommandResultExtensions.Apply method to clear the state cookie and apply the redirect.
Upvotes: 0
Related Questions
- Authenticate web app Using Saml 2.0 in asp.net
- Not able to SignOut using Saml2 from Sustainsys
- Saml No Cookie Preserving State ASP.NET CORE
- Integration of Sustainsys.Saml2 in plain Asp.Net Core MVC web app
- ASP.NET Core and SAML authentication
- Sustainsys.Saml2 start authentication dynamically for ASP.NET
- SSO Sustainsys.Saml2.Owin Request is not Authenticated - access_denied
- Sustainsys Saml2 library for ASP.NET MVC with FormsAuthentication
- Dynamically add a SAML2 authentication provider using Sustainsys.Saml2 in ASP.NET Core
- Saml2 Single Logout (SingleLogoutServiceResponseUrl) with Sustainsys and Identity Server 4