I understand the concept behind the Windows Identity Foundation framework and have played around with generating an STS reference, which requires a FederationMetadata.xml.
My question is: if I want to integrate my ASP.NET application with an existing Java-based SSO application, then what information do I require from the existing SSO application to integrate my application? I.e. will this SSO-based application give me a FederationMetadata.xml so that I can generate the STS reference and filter the claim information?
Scenario
I have a customer who has a Java-based SSO infrastructure in place. He wants to integrate one of my ASP.NET portals into his existing SSO-enabled application. I.e. my portal's link will be a part of the customer's application's home page. Once a user of the customer's application has logged in, he can click on my application's link from the home page, and this will post a SAML 2.0 request to my application.
For example, the customer's application name is Application-One and my application name is Application-Two.
- User will login to Application-One using its credential
- After authentication, Application-One’s Home page will appear.
- User will click on Application-Two’s link from Homepage from Application-One.
- Application-One will post a SAML2.0 request to Application-Two.
- Application-Two will deserialize this SAML 2.0 request, skip the login page of Application-Two, find the claim information (Role) and serve the corresponding page to the client's browser through a SAML response.
Solution
- I will ask my customer to provide me the FederationMetadata.xml file of Application-One
- Generate the STS reference using Visual Studio's feature for my Application-Two
Am I on the right path, or am I missing something here?
NB: My application is on .net 4.0 with WIF SDK and runtime.
Lingaraj Mishra