Discuss this help topic in SecureBlackbox Forum

SAML IdP server initial setup

TElSAMLIdentityProvider is a low-level component that acts as a parser of incoming data: all socket-related operations must be implemented by the developer, and one TElSAMLIdentityProvider instance is used for each incoming connection.

The following event handlers must be implemented and assigned to the listed events for the SAMLServiceProvider class to work:

  • OnOpenConnection - is fired when the incoming connection is established
  • OnSend - is used to send outgoing data to a client
  • OnReceive - is used to receive incoming data from a client
  • OnCloseConnection - is fired when the connection is closed

The IdP interacts with SPs that may have many different options and requirements for the IdP. Usually all these options, together with the X.509 certificates needed for data exchange, are stored in XML metadata files. Such a file can be loaded using the TElSAMLServiceProviderInfo.LoadMetadata() method; the TElSAMLServiceProviderInfo instance should then be added to the list of known SPs using the TElSAMLIdentityProvider.AddServiceProvider method.

The TElSAMLIdentityProvider.SessionManager property should also be assigned a TElMemorySessionManager instance. This class is responsible for storing session information, and one instance of it can be shared between TElSAMLIdentityProvider objects.

Another property that should be assigned is TElSAMLIdentityProvider.AuthSource. You can use a TElSAMLIDPPasswordMemoryAuthSource instance to initialize it. This property holds an instance of a descendant of TElSAMLIDPCustomAuthSource, which is used to create, store and verify users' credentials, and it can be shared between TElSAMLIdentityProvider instances.

// In-memory password store shared by all TElSAMLIdentityProvider instances
TElSAMLIDPPasswordMemoryAuthSource src = new TElSAMLIDPPasswordMemoryAuthSource();
// Each Add() call registers one user name / password pair
src.Add("username", "password1");
src.Add("anothername", "password2");
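Putting the steps above together in C# (an added example, not code from the SecureBlackbox documentation): the session manager and auth source are created once and shared, SP metadata files are loaded and registered, and a fresh TElSAMLIdentityProvider is built for every accepted connection. The namespace, the metadata file paths, the sample credentials and the assumption that LoadMetadata() accepts a file path are all placeholders or assumptions; the four connection events still have to be wired to your own socket code.

```csharp
using System.Collections.Generic;
// using <SecureBlackbox SAML namespace>;   // placeholder: use the namespace of your SecureBlackbox build

public class IdpConnectionFactory
{
    // Shared by every per-connection IdP instance, as the text above allows.
    private readonly TElMemorySessionManager sessionManager = new TElMemorySessionManager();
    private readonly TElSAMLIDPPasswordMemoryAuthSource authSource = new TElSAMLIDPPasswordMemoryAuthSource();
    // Service providers known to this IdP, loaded once from their XML metadata.
    private readonly List<TElSAMLServiceProviderInfo> knownSPs = new List<TElSAMLServiceProviderInfo>();

    public IdpConnectionFactory(IEnumerable<string> spMetadataFiles)
    {
        // Constructed sample credentials; a deployment would populate these from its user store.
        authSource.Add("username", "password1");
        authSource.Add("anothername", "password2");

        foreach (string path in spMetadataFiles)
        {
            var sp = new TElSAMLServiceProviderInfo();
            sp.LoadMetadata(path); // assumption: LoadMetadata takes the metadata file path
            knownSPs.Add(sp);
        }
    }

    // Called once per accepted socket. The caller keeps ownership of the socket and
    // must assign OnOpenConnection, OnSend, OnReceive and OnCloseConnection so that
    // bytes flow between the socket and the component (signatures omitted here:
    // take them from the component's declaration).
    public TElSAMLIdentityProvider CreateForConnection()
    {
        var idp = new TElSAMLIdentityProvider();
        idp.SessionManager = sessionManager; // shared session store
        idp.AuthSource = authSource;         // shared credential store
        foreach (TElSAMLServiceProviderInfo sp in knownSPs)
        {
            idp.AddServiceProvider(sp);      // only metadata-registered SPs are trusted
        }
        return idp;
    }
}
```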
