AzureAD / azure-activedirectory-identitymodel-extensions-for-dotnet

IdentityModel extensions for .Net
MIT License

Saml2 protocol #1376

Closed juanan closed 4 years ago

juanan commented 4 years ago

Hi,

Is there any way now to support the Saml2 protocol as in the past with Saml2AuthenticationModule?

Thanks a lot, Best regards.

brentschmaltz commented 4 years ago

@juanan seems like I forgot to save my comments. Are you specifically speaking about the samlp signin envelope?

We made some changes with our envelope reader and writers that support multiple signatures as samlp envelopes are signed and contain other elements with signatures.

Yes, it is possible, but you would have some work to do. Adding @AndersAbel as he went down this road and has some experience and may be able to comment.

AndersAbel commented 4 years ago

I'm the main author and maintainer of the Sustainsys.Saml2 open source Saml2 package. There is a Saml2AuthenticationModule in the library, as well as an Owin middleware and an Asp.Net Core handler. The Saml2 library uses this (Microsoft.IdentityModel) library for the token handling.

The changes @brentschmaltz mentions were done to support some scenarios with nested signed data.

juanan commented 4 years ago

Hi, the thing is that I have to migrate an old component using Microsoft.IdentityModel.Protocols.dll v1.0 where the class Saml2AuthenticationModule was present.

My doubt appeared when I upgraded the Microsoft.IdentityModel NuGet package and noticed that this class was removed, which is why I asked whether Saml2P was still possible.

But I guess that this part of the code was in a certain way moved to Sustainsys.Saml2, wasn't it?

Many thanks to both @brentschmaltz and @AndersAbel.

AndersAbel commented 4 years ago

@juanan No code was moved to Sustainsys.Saml2 and the API will not be the same. But it is an HttpModule that supports Saml2P and it should be possible to replace it with the Sustainsys.Saml2.HttpModule package.

juanan commented 4 years ago

Cool, I will use the Sustainsys.Saml2.HttpModule package.

Best regards.