Hi Dushan and Ruwan, In effect, I am working on the preparation of comprehensive documentation to support quick setup.
Unlike *component space*, this project is done with the focus improving usability as well. Further, the .NET developers should be able to plug this into their applications with minimal effort. Thus, the SAML authentication should be available* just by adding the .dll and doing configurations in web.config*. Thank you for your constructive feedback. Thank you. On Wed, Jan 24, 2018 at 7:48 AM, Ruwan Abeykoon <ruw...@wso2.com> wrote: > Hi Dushan, > Thanks for sharing the "Componentspace". It seems a complete and > comprehensive solution. > > This purpose of this "agent" ( we need to rename this, as it is not an > agent, but a library), is to be included in VS solution. We have no plan to > install this library in IIS. > > +1 on comprehensive documentation. > I think we need to include, > 1. The architecture of the library and the rest of the app, + WSO2 IS. > 2. What a developer has to do on VS( step by step) > 3. How to change the values in production. > > Cheers, > Ruwan > > On Wed, Jan 24, 2018 at 4:02 AM, Dushan Abeyruwan <dus...@wso2.com> wrote: > >> Hi Chiran, >> Interesting work, please do come up with a documentation for the >> implementation you have done (i.e working sample illustration with images, >> the README.txt for the git project). I need to visualize the complete agent >> integration stepwise. I had looked the repo. I believe once the agent >> installed to the .net web application we may need to install the agent.dll >> then we may need to complete following[1] >> I used to work with the [2] for some demos, however, just need to >> understand the differences between the Componentspace [2] vs the agent >> feature that we are offering >> >> [1] >> >> <appSettings> >> <add key="SAML2SSOURL" value="samlsso"/> >> <add key="SPEntityId" value="demo-sso-agent"/> >> <add key="AssertionConsumerURL" value="http://localhost:49763/ >> sample/callback"/> >> <add key="EnableResponseSigning" value="true"/> >> <add key="HTTPBinding" value="urn:oasis:names:tc:SAML >> :2.0:bindings:HTTP-POST"/> >> <add key="EnableRequestSigning" value="true"/> >> <add key="AttributeConsumingServiceIndex" value="1024541984"/> >> </appSettings> >> >> [2] https://www.componentspace.com/ >> >> Cheers, >> Dushan >> >> On Sun, Jan 21, 2018 at 10:22 PM, Chiran Wijesekara <chir...@wso2.com> >> wrote: >> >>> Architecture diagram is attached below. It's not showing up in the >>> original Email due to an issue with the format. >>> >>> >>> On Mon, Jan 22, 2018 at 10:56 AM, Chiran Wijesekara <chir...@wso2.com> >>> wrote: >>> >>>> >>>> *Introduction:* >>>> >>>> Suppose someone has an ASP.NET web application or else he/she is going >>>> to create a new one. One of your major concerns would be to provide a >>>> secure mechanism for handling user authentication and authorization. >>>> >>>> With the introduction of this SAML Agent, you can easily incorporate >>>> this agent into your ASP.NET web application and it will take care of >>>> all the things related to SAML authentication mechanism. >>>> >>>> *Solution Architecture:* >>>> >>>> >>>> *Note: 2,7,8,3 of the above diagram denotes the resolving of the >>>> current request of interest.* >>>> >>>> The above diagram depicts the architecture for the .NET SAML agent. The >>>> agent is designed in such a way that all the requests that are coming to >>>> the ASP.NET web application will be directed to the >>>> *FilteringHttpModule*. This *FilteringHttpModule* is a class that >>>> implements the *IHttpModule *interface (i.e. a custom HTTP handler). >>>> And this *FilteringHttpModule* is responsible for handling the SAML >>>> authentication related request. It will call the relevant method of >>>> *SAMLManager >>>> *class to process the request. >>>> >>>> *How to incorporate Agent into a given ASP.NET <http://ASP.NET> web >>>> application:* >>>> >>>> This agent is developed in a way such that it has minimum possible >>>> dependencies on the ASP.NET web application. Hence, when someone wants >>>> to incorporate SAML authentication into his/her ASp.NET web app, that could >>>> be done with a minimum effort. >>>> >>>> Following is the list of items to configure SAML Agent for a given >>>> ASP.NET web application. >>>> >>>> The process of incorporating *SAML authentication with wso2 identity >>>> server* via SAML agent can be explained in few steps as follows. >>>> >>>> 1. >>>> >>>> *Add* - the agent.dll reference to your Asp.NET web application(You >>>> can get this via NuGet package manager or else from the git repo) >>>> 2. >>>> >>>> *Configure* - the mandatory properties in your ASP.NET web >>>> application’s web.config file. Furthermore, you have to get the .jks >>>> from >>>> the wso2 Identity Server you are using and convert it to a *pkcs* >>>> using keytool.(Or else use your own pkcs12). Add the .pfx / .p12 to the >>>> Local Machine Certificate Store. >>>> 3. >>>> >>>> *Register* - the “FilteringHttpModule” in your ASP.NET web >>>> application to handle the requests related to SAML authentication >>>> mechanism. >>>> 4. >>>> >>>> *Set* - your application’s login controls to refer SAML intensive >>>> segments. That is, suppose you have a login link in your web >>>> application. >>>> All you have to do is set the attribute, href = “/samlsso”. >>>> >>>> >>>> >>>> Link to the Repo: https://github.com/chirankavin >>>> da123/saml-sso-agent-DOT-NET >>>> <https://github.com/chirankavinda123/saml-sso-agent-DOT-NET> >>>> Any suggestion/recommendation to improve this agent's architecture >>>> would be much appreciated. >>>> >>>> Thank you. >>>> -- >>>> *Chiran Wijesekara* >>>> >>>> >>>> *Software Engineering Intern | WSO2*Email: chir...@wso2.com >>>> Mobile: +94712990173web: www.wso2.com >>>> >>>> [image: https://wso2.com/signature] <https://wso2.com/signature> >>>> >>> >>> >>> >>> -- >>> *Chiran Wijesekara* >>> >>> >>> *Software Engineering Intern | WSO2*Email: chir...@wso2.com >>> Mobile: +94712990173web: www.wso2.com >>> >>> [image: https://wso2.com/signature] <https://wso2.com/signature> >>> >>> _______________________________________________ >>> Architecture mailing list >>> Architecture@wso2.org >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> Dushan Abeyruwan | Architect >> Technical Support,MV >> PMC Member Apache Synpase >> WSO2 Inc. http://wso2.com/ >> Blog:*http://www.dushantech.com/ <http://www.dushantech.com/>* >> LinkedIn:*https://www.linkedin.com/in/dushanabeyruwan >> <https://www.linkedin.com/in/dushanabeyruwan>* >> Mobile:(001)408-791-9312 >> >> >> _______________________________________________ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > > -- *Chiran Wijesekara* *Software Engineering Intern | WSO2*Email: chir...@wso2.com Mobile: +94712990173web: www.wso2.com [image: https://wso2.com/signature] <https://wso2.com/signature>
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
