I'm developing an MVC 4 web application in C# and want to handle login using an existing SAML 2.0 identity provider. I am using HTTP POST binding with SimpleSAMLphp.
It seems like, in .NET 4.5, I should be using Windows Identity Foundation. First, I tried to install the Identity and Access Tool. (I am using Visual Studio 2013, which is supposed to have this tool integrated, but VS2013's version doesn't support "re-entrancy", meaning I can't use it to add WIF support to my existing application.)
After pointing the Identity and Access Tool to my identity provider's metadata, I get this error message:
Apparently, this is the error message that indicates that SAMLP 2.0 is not supported by WIF. This seems to be distinct from SAML 2.0 tokens, which are supported (at least, this outdated documentation indicates that there was a
This tool will prompt for information needed to create a metadata file that describes your relying party. It will prompt for the addresses of partner metadata files to be downloaded. Finally, it will output a file calledthat has the changes that should be made to your web site's web.config file to enable SAML protection.
You're right in that WIF (now moved into core .NET under System.IdentityModel) only supports the SAML2 tokens and not the SAML2 protocols required to implement a service provider.
Kentor.AuthServices is an open source SP implementation for ASP.NET MVC built on top of .NET 4.5. Install the package and add some settings in web.config - no coding required.
Disclaimer: I'm the author of
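For a reader who wants to see what "some settings in web.config" looks like in practice, here is a minimal relying-party configuration for a single identity provider with HTTP POST binding. It is an illustration added here, not code from the answer or from the Kentor.AuthServices project itself; the `kentor.authServices` section, its `identityProviders` list and the `signingCertificate` element follow the package's configuration schema as I recall it and should be checked against the package's own documentation, and the entity IDs, URLs and certificate path are placeholders that you replace with your own and your SimpleSAMLphp IdP's values (taken from its metadata).

```xml
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <configSections>
    <!-- Registers the Kentor.AuthServices config section (assumed name/type, verify against the package docs). -->
    <section name="kentor.authServices"
             type="Kentor.AuthServices.Configuration.KentorAuthServicesSection, Kentor.AuthServices" />
  </configSections>

  <!-- entityId: this SP's own identifier, as published in its metadata and registered at the IdP.
       returnUrl: where the user lands after a successful login. Both are placeholder values. -->
  <kentor.authServices entityId="https://sp.example.test/AuthServices"
                       returnUrl="https://sp.example.test/">
    <identityProviders>
      <!-- entityId and signOnUrl come from the SimpleSAMLphp IdP's metadata (placeholders here).
           binding="HttpPost" selects the HTTP POST binding used in the question.
           allowUnsolicitedAuthnResponse="false" rejects IdP-initiated responses the SP never
           asked for, so every assertion must answer an AuthnRequest this SP issued. -->
      <add entityId="https://idp.example.test/simplesaml/saml2/idp/metadata.php"
           signOnUrl="https://idp.example.test/simplesaml/saml2/idp/SSOService.php"
           binding="HttpPost"
           allowUnsolicitedAuthnResponse="false">
        <!-- The IdP's signing certificate, exported from its metadata and stored outside the web root.
             Responses whose signature does not verify against this certificate are rejected. -->
        <signingCertificate fileName="~/App_Data/idp-signing-placeholder.cer" />
      </add>
    </identityProviders>
  </kentor.authServices>
</configuration>
```

Keep the pinned IdP certificate up to date when the IdP rotates its signing key, otherwise valid responses start failing signature verification.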