It's very simple to Implement Kentor auth service.
For example point of view i am taking Kentor.AuthServices.StubIdp as my IDP(identity provider)
For example point of view i am taking Kentor.AuthServices.StubIdp as my IDP(identity provider)
- Install Kentor AuthServices for Nuget to your application
- Install-Package Kentor.AuthServices
- Your need two certificates service Certificates and signing Certificate. for data exchange and Encryption. Download certificate http://stubidp.kentor.se/
- Add the following code to your web config file.
- <configSections>
<!--This Section for load Required files for sso-->
<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<section name="kentor.authServices" type="Kentor.AuthServices.Configuration.KentorAuthServicesSection, Kentor.AuthServices"/>
<!--End of section-- </configSections> - <authentication mode="Forms">
<forms loginUrl="~/AuthServices/SignIn" />
</authentication> - <kentor.authServices entityId="http://localhost:61548/Home/Index"
returnUrl="http://localhost:61548/Home/Index"
authenticateRequestSigningBehavior="Never">
<nameIdPolicy allowCreate="true"
format="Persistent"/>
<metadata cacheDuration="0:0:42"
validDuration="7.12:00:00"
wantAssertionsSigned="true">
<organization name="Kentor IT AB"
displayName="Kentor"
url="http://www.kentor.se"
language="sv" />
<contactPerson type="Other" email="info@kentor.se" />
<!--<requestedAttributes>
<add friendlyName ="Some Name"
name="urn:someName"
nameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
isRequired="true" />
<add name="Minimal" />
<add friendlyName="employee_number" name="urn:employee_number" nameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true" />
<add friendlyName="language" name="urn:language" nameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true" />
</requestedAttributes>-->
</metadata>
<identityProviders>
<add entityId="http://stubidp.kentor.se/Metadata"
signOnUrl="http://stubidp.kentor.se"
allowUnsolicitedAuthnResponse="true"
binding="HttpRedirect"
wantAuthnRequestsSigned="true">
<signingCertificate fileName="~/App_Data/Kentor.AuthServices.StubIdp.cer" />
</add>
</identityProviders>
<!--<federations>
<add metadataLocation="http://stubidp.kentor.se" allowUnsolicitedAuthnResponse="true" />
</federations>-->
<serviceCertificates>
<add fileName="~/App_Data/Kentor.AuthServices.Tests.pfx" />
</serviceCertificates>
</kentor.authServices> - To get authencated user details user this code to your action method
- [Authorize]
public ActionResult Index()
{
var identity = System.Web.HttpContext.Current.User.Identity as ClaimsIdentity;
return View(identity.Claims);
}
- Your View Should have following code to print values that received for idp
- @model System.Collections.Generic.IEnumerable<System.Security.Claims.Claim>
<p>This is a secure page that only works when logged in.</p>
<p>Claims:</p>
<ul>
@foreach (var claim in Model)
{
<li>@claim.Type - @claim.Value</li>
}
</ul> - For more detail configuration click Knetor auth service