CODEWITHSUNDEEP
c#iis-6shibboleth
Tim Jarvis
Tim Jarvis

Reputation: 677

using c# to access shibboleth session data

I have successfully installed Shibboleth SP on our server (server 2003 IIS6) and it is working with a third party IDP. I know this is working as the /Session value returns the attributes I need.

At the moment though I am unable to access those session variables from a .net application. the variables are not being put in the head.

Any help greatly appreciated.

--Update-- In the attribute-map.xml I have the following related to the attribute I need (affiliation)

<Attribute name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" id="affiliation" aliases="Shib-EP-Affiliation">
    <AttributeDecoder xsi:type="ScopedAttributeDecoder" caseSensitive="false"/>
</Attribute>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" id="affiliation" aliases="Shib-EP-Affiliation">
    <AttributeDecoder xsi:type="ScopedAttributeDecoder" caseSensitive="false"/>
</Attribute>

Is ther something extra I should be adding into here?

Upvotes: 4

Views: 3467

Answers (4)

Jay S
Jay S

Reputation: 7994

I hit a similar issue and it turned out that my <Host> element in the shibboleth2.xml file was specifying a path that was not valid for where I was testing. If I visited a url under the path, the headers were accessible.

Updating the 'path' attribute to a valid path for the site resolved this for me.

Upvotes: 0

WimpyProgrammer
WimpyProgrammer

Reputation: 618

I had the same problem, and eventually found the issue in my shibboleth2.xml.

In my <Host> element I was missing the authType="shibboleth" attribute. My application was able to decode SAML requests and I could see my attributes at /Shibboleth.sso/Session, but the attributes weren't populating the environment variables or headers. Once I added the authType attribute, everything fell into place.

Also, it was very helpful to create an .aspx page containing just

<% @ Page Language="C#" Trace="true" %>

while hunting for the Shibboleth attributes.

Upvotes: 0

user353829
user353829

Reputation: 1434

You will need the IIS to proxy the Shibb headers to your application - see description here: https://spaces.ais.ucla.edu/display/iamucla/InstallShibSPOnWindowsIIS

Upvotes: 0

Steve Rowbotham
Steve Rowbotham

Reputation: 2868

As I recall, the attributes should be available in the Request.ServerVariables collection or the Request.Headers with the keys you specify in your Attribute-Map.xml configuration. Be aware though that there is some documented strangeness with the keys when using IIS and ASP.NET wherein they tend to get a prefix prepended to the names you've configured and some other things that occur, too. The most reliable approach to finding out what the actual key values are is to knock up a test page that iterates through the contents of the ServerVariables or Headers collection and displays them.

Upvotes: 2

Related Questions