Monday 14 June 2021

Azure Active Directory single sign-on SSO (SAML Login)

 Step 1:  Open URL: https://portal.azure.com/#home



Step 2: Click Manage Azure Active Directory


Step 3: Click Enterprise Applications

Step 4: New Application


Step 5: A banner reads "You're in the new and improved app gallery experience. Click here to switch back to the legacy app gallery experience." Click the link in that banner to switch to the legacy gallery.


Step 6: Click non-gallery application


Step 7: Enter the application name and click Add

Step 8: Click SSOLogin (the application name)
Step 9: Click Set up single sign-on
Step 10: 



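Step 11: Enter the Entity ID and the Assertion Consumer Service URL, then click Save. These should match the Issuer and ReturnURL values in Web.config (Step 19), because the sign-in request built in Step 20 sends those two settings as its issuer and assertion consumer service URL.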

Step 12: Download Certificate & Metadata XML


Step 13:  Open Visual Studio


Step 14: Click Project
 
Step 15: Put the certificate file in the App_Data folder
 
Step 16:  Manage Nuget Package 



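Step 17: On the Browse tab, search for the package AS.SAMLClient, then click Install. Check the package's author and version on NuGet before installing, since this library processes the sign-in response.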

Step 18: Add Default.aspx Page

Step 19: Add these appSettings to Web.config:
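<appSettings>
    <!-- Path to the certificate file placed in App_Data (Step 15). The file name here
         must match the file on disk exactly. The stray "//" that followed this entry
         is removed: it is not XML comment syntax and left text content inside
         appSettings. -->
    <add key="SmCertificateFile" value="~/App_Data/Certicate.cer"/>
    <!-- Identity provider sign-in URL; Page_Load redirects the browser here with the SAMLRequest. -->
    <add key="SSOLoginURL" value="Login URL"/>
    <!-- Not read by the Page_Load shown in Step 20. -->
    <add key="SSOLogOutURL" value="Logout URL"/>
    <!-- Sent as the assertion consumer service URL of the request; should match the
         Assertion Consumer Service URL entered in Step 11. -->
    <add key="ReturnURL" value="Return URL"/>
    <!-- Sent as the issuer of the request; should match the Entity ID entered in Step 11. -->
    <add key="Issuer" value="Application ID"/>
</appSettings>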




Step 20: Default.aspx code:

 
using System;
using System.Configuration;
 protected void Page_Load(object sender, EventArgs e)
        {
            AccountSettings accountSettings = new AccountSettings
            {
                idp_sso_target_url = ConfigurationManager.AppSettings["SSOLoginURL"]
            };
            string certificatePath = ConfigurationManager.AppSettings["SmCertificateFile"];
            accountSettings.smCertificatePath = Server.MapPath(certificatePath);
            try
            {
                if (Request.Form["SAMLResponse"] == null)
                {
                    AppSettings appSettings = new AppSettings();
                    appSettings.assertionConsumerServiceUrl = ConfigurationManager.AppSettings["ReturnURL"];
                    appSettings.issuer = ConfigurationManager.AppSettings["Issuer"];
                    AS.SAMLClient.Saml.AuthRequest req = new AS.SAMLClient.Saml.AuthRequest(appSettings, accountSettings);
                    Response.Redirect(accountSettings.idp_sso_target_url + "?SAMLRequest=" + System.Web.HttpUtility.UrlEncode(req.GetRequest(AS.SAMLClient.Saml.AuthRequest.AuthRequestFormat.Base64)));
                }
                else
                {
                    AS.SAMLClient.Saml.Response samlResponse = new AS.SAMLClient.Saml.Response(accountSettings);
                    samlResponse.LoadXmlFromBase64(Request.Form["SAMLResponse"]);

                    var response = samlResponse.getAllAttributes();
                    foreach (var assert in response)
                    {
                        Response.Write("<b>" + assert.Key + "</b>:" + assert.Value + "<br>");
                    }
                }
            }
            catch (Exception ex)
            {

            }
        }














