在 C# .NET 4.5 中使用 SAML 2.0
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/15530184/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Working with SAML 2.0 in C# .NET 4.5
提问by bugnuker
I am trying to use pure .NET (no external classes, controls, helpers) to create a SAML message. I found some code on the interwebs; this is what I have:
我正在尝试使用纯 .NET(无外部类、控件、帮助程序)来创建 SAML 消息。我在网上找到了一些代码;这就是我所拥有的:
private static SamlAssertion createSamlAssertion()
{
// Here we create some SAML assertion with ID and Issuer name.
SamlAssertion assertion = new SamlAssertion();
assertion.AssertionId = "AssertionID";
assertion.Issuer = "ISSUER";
// Create some SAML subject.
SamlSubject samlSubject = new SamlSubject();
samlSubject.Name = "My Subject";
//
// Create one SAML attribute with few values.
SamlAttribute attr = new SamlAttribute();
attr.Namespace = "http://daenet.eu/saml";
attr.AttributeValues.Add("Some Value 1");
//attr.AttributeValues.Add("Some Value 2");
attr.Name = "My ATTR Value";
//
// Now create the SAML statement containing one attribute and one subject.
SamlAttributeStatement samlAttributeStatement = new SamlAttributeStatement();
samlAttributeStatement.Attributes.Add(attr);
samlAttributeStatement.SamlSubject = samlSubject;
// Append the statement to the SAML assertion.
assertion.Statements.Add(samlAttributeStatement);
//return assertion
return assertion;
}
and here is the code I am using to get the XML:
这是我用来获取 XML 的代码:
var sb = new StringBuilder();
var settings = new XmlWriterSettings
{
OmitXmlDeclaration = true,
Encoding = Encoding.UTF8
};
using (var stringWriter = new StringWriter(sb))
using (var xmlWriter = XmlWriter.Create(stringWriter, settings))
using (var dictionaryWriter = XmlDictionaryWriter.CreateDictionaryWriter(xmlWriter))
{
var samlAssertSerializer = new SamlSerializer();
var secTokenSerializer = new WSSecurityTokenSerializer();
assertion.WriteXml(
dictionaryWriter,
samlAssertSerializer,
secTokenSerializer
);
}
This seemed like it was going to work. However, the message is produces is SAML version 1.0 - I need to work with 2.0.
这似乎要奏效了。但是,生成的消息是 SAML 版本 1.0 - 我需要使用 2.0。
I know I can do some sloppy work and replace some values here and there and this system would work fine. There are very little differences in the message, version being the most important. I am having a hard time finding information on SAML 2.0 for .NET. I do know SAML 2.0 was implemented into .NET recently. I am using Framework 4.5 so I should have access to it. The MSDN page for SamlAssertion says the "majorVersion" is a constant, always set to '1'.
我知道我可以做一些草率的工作并在这里和那里替换一些值,这个系统会正常工作。消息中几乎没有差异,版本是最重要的。我很难找到有关 .NET 的 SAML 2.0 的信息。我知道 SAML 2.0 最近已在 .NET 中实现。我使用的是 Framework 4.5,所以我应该可以访问它。SamlAssertion 的 MSDN 页面说“majorVersion”是一个常量,总是设置为“1”。
I'm guessing there is another namespace I could be working with, but I haven't found it. My requirement is just to get the XML SAML message. I don't need to sign with X509, I don't need the token. Just the SAML XML message.
我猜我可以使用另一个命名空间,但我还没有找到它。我的要求只是获取 XML SAML 消息。我不需要用 X509 签名,我不需要令牌。只是 SAML XML 消息。
Again, this is a question trying to find out how to do this in native .NET. I have found several SAML helpers and lots of code on how to build the message manually- I'm trying to find the CORRECT solution, if it exists.
同样,这是一个试图找出如何在本机 .NET 中执行此操作的问题。我找到了几个 SAML 帮助程序和许多关于如何手动构建消息的代码 - 我正在尝试找到正确的解决方案(如果存在)。
EDIT: I have found I can use Saml2Assertion. However, I am unable to find a way to get the SAML message written to xml now.
编辑:我发现我可以使用 Saml2Assertion。但是,我现在找不到将 SAML 消息写入 xml 的方法。
EDIT2: I have found how to write the Saml2Assersion object to xml. Sadly, it does not keep the SAML syntax, it writes in pure XML without <saml>tags.
EDIT2:我找到了如何将 Saml2Assersion 对象写入 xml。遗憾的是,它没有保留 SAML 语法,而是用没有<saml>标签的纯 XML 编写。
采纳答案by bugnuker
.NET 4.5 has WIF (Windows Identity Foundation) built into it. This now supports SAML 2.0. To make use of SAML 2.0, just use .NET 4.5. The class name is Saml2XXXX (where XXXX is the token, assertion, serializer etc) Here is a link to SAML 2.0 Assertion: http://msdn.microsoft.com/en-us/library/microsoft.identitymodel.tokens.saml2.saml2assertion.aspx
.NET 4.5 内置了 WIF(Windows Identity Foundation)。这现在支持 SAML 2.0。要使用 SAML 2.0,只需使用 .NET 4.5。类名是 Saml2XXXX(其中 XXXX 是令牌、断言、序列化程序等)这里是 SAML 2.0 断言的链接:http: //msdn.microsoft.com/en-us/library/microsoft.identitymodel.tokens.saml2。 saml2assertion.aspx
This will create a SAML 2.0 Assertion object. To get the XML, this is the code I used:
这将创建一个 SAML 2.0 断言对象。要获取 XML,这是我使用的代码:
using System.Xml;
using System.IdentityModel.Tokens;
namespace YOUR.SPACE
{
public class Saml2Serializer : Saml2SecurityTokenHandler
{
public Saml2Serializer()
{
Configuration = new SecurityTokenHandlerConfiguration()
{
};
}
public void WriteSaml2Assertion(XmlWriter writer, Saml2Assertion data)
{
base.WriteAssertion(writer, data);
}
}
}
This will serialize your assertion object into XML. This is where I ran into problems. The XML is will create does NOT contain the saml namespace (e.g. <saml:Assertion>). I was not able to find a solution for this, so a Replace("<", "<saml:")had to be used.
这会将您的断言对象序列化为 XML。这是我遇到问题的地方。XML 将创建不包含 saml 命名空间(例如<saml:Assertion>)。我无法为此找到解决方案,因此Replace("<", "<saml:")必须使用 a 。
回答by nzpcmad
That's because Saml2Assertion refers to the token not the protocol.
那是因为 Saml2Assertion 指的是令牌而不是协议。
The SAML token used in WIF is a 1.0 token.
WIF 中使用的 SAML 令牌是 1.0 令牌。
There is no SAML 2 protocol support in .NET.
.NET 中不支持 SAML 2 协议。
There is a WIF CTPfor SAML 2 but it hasn't been upgraded for ages.
SAML 2有一个 WIF CTP,但它已经很久没有升级了。
