We are about to implement support for SAML 2.0 in our company and we have been going through a long list of libraries (from Wikipedia) that would allow us to implement such identification for our systems more practically (us being the Service Provider
).
我们即将在我们公司实施对SAML 2.0的支持,并且我们已经经历了一长串的库(来自*),这将允许我们更实际地为我们的系统实现这种识别(我们是服务提供商)。
I recently found out that .NET 4.5 comes with native support for SAML 2.0 through WIF (Windows Identity Foundation). However, having native support by .NET, should we consider using a popular third-party libraries such as ComponentSpace (or anything better perhaps)? Are there any benefits in regards to ease of use, broader settings, flexibility or documentation?
我最近发现.NET 4.5通过WIF(Windows Identity Foundation)提供对SAML 2.0的本机支持。但是,在.NET的本机支持下,我们是否应该考虑使用流行的第三方库,如ComponentSpace(或者更好的东西)?在易用性,更广泛的设置,灵活性或文档方面是否有任何好处?
2 个解决方案
#1
3
WIF doesn't support SAML (the protocol). It supports WS-Fed with SAML tokens. If you really want to go down the SAML (protocol) you need to use some other library like ComponentOne's.
WIF不支持SAML(协议)。它支持带有SAML令牌的WS-Fed。如果你真的想要下载SAML(协议),你需要使用像ComponentOne这样的其他库。
TL;DR: WIF, at least theoretically, can do SAML-P too if you extend it. Microsoft wrote this extensions as a "preview" in 2011, but has not updated yet since. You can do it too using the WIF extension model. Most people I know have better things to do though :-).
TL; DR:WIF,至少在理论上,如果扩展它也可以做SAML-P。微软在2011年将此扩展程序称为“预览”,但此后尚未更新。你也可以使用WIF扩展模型。我认识的大多数人都有更好的事情要做:-)。
In general, I would recommend going with a lighter weight, syntactically simpler protocol like OpenID Connect. Plenty of easy to use, simpler to debug, troubleshoot libraries out there.
一般来说,我建议使用更轻量级,语法更简单的协议,如OpenID Connect。大量易于使用,调试更简单,对库进行故障排除。
#2
1
Have a look at SAML : SAML connectivity / toolkit and the links in it.
查看SAML:SAML连接/工具包及其中的链接。
Having used ComponentSpace, it works and has a good selection of samples and the cost is pretty reasonable.
使用ComponentSpace后,它可以工作并且有很多样本可供选择,而且成本非常合理。
Obviously, commercial = support.
显然,商业=支持。
Not sure about your use case but you could possibly install ADFS and then go:
不确定您的用例,但您可以安装ADFS然后去:
ASP.NET --> WS-Fed (WIF) --> ADFS --> SAML --> IP.
ASP.NET - > WS-Fed(WIF) - > ADFS - > SAML - > IP。
#1
3
WIF doesn't support SAML (the protocol). It supports WS-Fed with SAML tokens. If you really want to go down the SAML (protocol) you need to use some other library like ComponentOne's.
WIF不支持SAML(协议)。它支持带有SAML令牌的WS-Fed。如果你真的想要下载SAML(协议),你需要使用像ComponentOne这样的其他库。
TL;DR: WIF, at least theoretically, can do SAML-P too if you extend it. Microsoft wrote this extensions as a "preview" in 2011, but has not updated yet since. You can do it too using the WIF extension model. Most people I know have better things to do though :-).
TL; DR:WIF,至少在理论上,如果扩展它也可以做SAML-P。微软在2011年将此扩展程序称为“预览”,但此后尚未更新。你也可以使用WIF扩展模型。我认识的大多数人都有更好的事情要做:-)。
In general, I would recommend going with a lighter weight, syntactically simpler protocol like OpenID Connect. Plenty of easy to use, simpler to debug, troubleshoot libraries out there.
一般来说,我建议使用更轻量级,语法更简单的协议,如OpenID Connect。大量易于使用,调试更简单,对库进行故障排除。
#2
1
Have a look at SAML : SAML connectivity / toolkit and the links in it.
查看SAML:SAML连接/工具包及其中的链接。
Having used ComponentSpace, it works and has a good selection of samples and the cost is pretty reasonable.
使用ComponentSpace后,它可以工作并且有很多样本可供选择,而且成本非常合理。
Obviously, commercial = support.
显然,商业=支持。
Not sure about your use case but you could possibly install ADFS and then go:
不确定您的用例,但您可以安装ADFS然后去:
ASP.NET --> WS-Fed (WIF) --> ADFS --> SAML --> IP.
ASP.NET - > WS-Fed(WIF) - > ADFS - > SAML - > IP。