SSOOptions for InitiateSSO - suppress basic AUTH popup with request URL


mlam
Hi

We used to suppress the basic auth popup (SP-initiated) with a request URL looking like this:


    // Ensure the SAML configuration is loaded.
    SAMLController.Initialize();
   
    var singleSignOnServiceUrl = "https://username:password@idp.example.com/"; 

    SSOOptions sSOOptions = new SSOOptions();
    sSOOptions.RequestedUserName = uid;

    SAMLServiceProvider.InitiateSSO(Response, stateRelay, returnUrl, sSOOptions, null, singleSignOnServiceUrl);


This option is deprecated. And it is not secure. They suggest using the credentials in the Authorization header instead. But, all details are going to the handler by InitiateSSO. May I know how to achieve this?


ComponentSpace
The SAML specification doesn't support a mechanism for passing a password from the SP to the IdP. It does support passing an optional user name (i.e. the ssoOptions.RequestedUserName) but not all IdPs support this.

If you were to somehow pass the user's password to the IdP, this would have to be a proprietary mechanism and you would need to think very carefully about the security implications. It's not something we recommend doing and I'm surprised it's supported by the IdP.

Regards
ComponentSpace Development
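
Added example, not part of the original thread and not ComponentSpace code: a guard an SP could run on the single sign-on service URL before handing it to the SAML library, so that a `https://username:password@host/` value like the one in the question is rejected and never reaches logs. The class and method names are hypothetical, the sample URLs are constructed, and the code uses only `System.Uri` and `System.UriBuilder`.

```csharp
using System;

public static class SsoUrlGuard   // hypothetical helper, not a ComponentSpace type
{
    // Validates an SSO service URL: absolute, HTTPS only, no userinfo component.
    public static Uri RequireCredentialFreeHttps(string url)
    {
        if (!Uri.TryCreate(url, UriKind.Absolute, out var uri))
            throw new ArgumentException("SSO service URL must be absolute.");
        if (uri.Scheme != Uri.UriSchemeHttps)
            throw new ArgumentException("SSO service URL must use HTTPS.");
        // UserInfo holds "username:password" when credentials are embedded in the URL.
        if (!string.IsNullOrEmpty(uri.UserInfo))
            throw new ArgumentException("SSO service URL must not contain credentials.");
        return uri;
    }

    // For log output: rebuilds the URL without userinfo so a password is never written out.
    public static string Redact(string url)
    {
        if (!Uri.TryCreate(url, UriKind.Absolute, out var uri))
            return "<invalid url>";
        var builder = new UriBuilder(uri) { UserName = string.Empty, Password = string.Empty };
        return builder.Uri.AbsoluteUri;
    }

    public static void Main()
    {
        // Constructed sample values; the first mirrors the pattern in the question.
        string[] samples =
        {
            "https://username:password@idp.example.com/",
            "https://idp.example.com/SAML/SSOService",
            "http://idp.example.com/SAML/SSOService"
        };

        foreach (var sample in samples)
        {
            try
            {
                RequireCredentialFreeHttps(sample);
                Console.WriteLine("accepted " + Redact(sample));
            }
            catch (ArgumentException e)
            {
                Console.WriteLine("rejected " + Redact(sample) + " : " + e.Message);
            }
        }
    }
}
```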