.NET中的SAML 2.0实现,使用哪个库

时间:2022-07-04 03:17:51

We are about to implement support for SAML 2.0 in our company and we have been going through a long list of libraries (from Wikipedia) that would allow us to implement such identification for our systems more practically (us being the Service Provider).

我们即将在我们公司实施对SAML 2.0的支持,并且我们已经经历了一长串的库(来自*),这将允许我们更实际地为我们的系统实现这种识别(我们是服务提供商)。

I recently found out that .NET 4.5 comes with native support for SAML 2.0 through WIF (Windows Identity Foundation). However, having native support by .NET, should we consider using a popular third-party libraries such as ComponentSpace (or anything better perhaps)? Are there any benefits in regards to ease of use, broader settings, flexibility or documentation?

我最近发现.NET 4.5通过WIF(Windows Identity Foundation)提供对SAML 2.0的本机支持。但是,在.NET的本机支持下,我们是否应该考虑使用流行的第三方库,如ComponentSpace(或者更好的东西)?在易用性,更广泛的设置,灵活性或文档方面是否有任何好处?

2 个解决方案

#1


3  

WIF doesn't support SAML (the protocol). It supports WS-Fed with SAML tokens. If you really want to go down the SAML (protocol) you need to use some other library like ComponentOne's.

WIF不支持SAML(协议)。它支持带有SAML令牌的WS-Fed。如果你真的想要下载SAML(协议),你需要使用像ComponentOne这样的其他库。

TL;DR: WIF, at least theoretically, can do SAML-P too if you extend it. Microsoft wrote this extensions as a "preview" in 2011, but has not updated yet since. You can do it too using the WIF extension model. Most people I know have better things to do though :-).

TL; DR:WIF,至少在理论上,如果扩展它也可以做SAML-P。微软在2011年将此扩展程序称为“预览”,但此后尚未更新。你也可以使用WIF扩展模型。我认识的大多数人都有更好的事情要做:-)。

In general, I would recommend going with a lighter weight, syntactically simpler protocol like OpenID Connect. Plenty of easy to use, simpler to debug, troubleshoot libraries out there.

一般来说,我建议使用更轻量级,语法更简单的协议,如OpenID Connect。大量易于使用,调试更简单,对库进行故障排除。

#2


1  

Have a look at SAML : SAML connectivity / toolkit and the links in it.

查看SAML:SAML连接/工具包及其中的链接。

Having used ComponentSpace, it works and has a good selection of samples and the cost is pretty reasonable.

使用ComponentSpace后,它可以工作并且有很多样本可供选择,而且成本非常合理。

Obviously, commercial = support.

显然,商业=支持。

Not sure about your use case but you could possibly install ADFS and then go:

不确定您的用例,但您可以安装ADFS然后去:

ASP.NET --> WS-Fed (WIF) --> ADFS --> SAML --> IP.

ASP.NET - > WS-Fed(WIF) - > ADFS - > SAML - > IP。

#1


3  

WIF doesn't support SAML (the protocol). It supports WS-Fed with SAML tokens. If you really want to go down the SAML (protocol) you need to use some other library like ComponentOne's.

WIF不支持SAML(协议)。它支持带有SAML令牌的WS-Fed。如果你真的想要下载SAML(协议),你需要使用像ComponentOne这样的其他库。

TL;DR: WIF, at least theoretically, can do SAML-P too if you extend it. Microsoft wrote this extensions as a "preview" in 2011, but has not updated yet since. You can do it too using the WIF extension model. Most people I know have better things to do though :-).

TL; DR:WIF,至少在理论上,如果扩展它也可以做SAML-P。微软在2011年将此扩展程序称为“预览”,但此后尚未更新。你也可以使用WIF扩展模型。我认识的大多数人都有更好的事情要做:-)。

In general, I would recommend going with a lighter weight, syntactically simpler protocol like OpenID Connect. Plenty of easy to use, simpler to debug, troubleshoot libraries out there.

一般来说,我建议使用更轻量级,语法更简单的协议,如OpenID Connect。大量易于使用,调试更简单,对库进行故障排除。

#2


1  

Have a look at SAML : SAML connectivity / toolkit and the links in it.

查看SAML:SAML连接/工具包及其中的链接。

Having used ComponentSpace, it works and has a good selection of samples and the cost is pretty reasonable.

使用ComponentSpace后,它可以工作并且有很多样本可供选择,而且成本非常合理。

Obviously, commercial = support.

显然,商业=支持。

Not sure about your use case but you could possibly install ADFS and then go:

不确定您的用例,但您可以安装ADFS然后去:

ASP.NET --> WS-Fed (WIF) --> ADFS --> SAML --> IP.

ASP.NET - > WS-Fed(WIF) - > ADFS - > SAML - > IP。