Single Sign-On Introduction
In this IdP-Initiated SSO scenario, a user logs on to the IdP site and attempts to access a resource on the SP site.
- A user browses to the IdP site.
- The IdP site asks the user to provide his or her credentials if he or she is not logged in.
- After the user has logged in, he or she clicks on a link/button to navigate to the SP site. (Some sites may navigate the users automatically.)
- At this point, the IdP sends a SAML Response containing the authentication assertion and any additional attributes to the SP's Assertion Consumer Service.
- The SP validates the message. If the signature and assertion are valid, the SP uses the information in the SAML Response to perform an automatic login.
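The checks an SP applies to an unsolicited (IdP-initiated) response once the XML signature has been verified against the IdP's certificate, shown as an added example that is not part of the UltimateSaml samples or API. The class name, the method, the two-minute clock tolerance and the sample URLs and IDs are assumptions made for this sketch; signature verification itself is not shown.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Xml.Linq;
static class UnsolicitedResponseChecks   // hypothetical helper, not an UltimateSaml type
{
    static readonly XNamespace P = "urn:oasis:names:tc:SAML:2.0:protocol";
    static readonly XNamespace A = "urn:oasis:names:tc:SAML:2.0:assertion";
    static readonly TimeSpan Skew = TimeSpan.FromMinutes(2);          // assumed clock tolerance
    static readonly HashSet<string> SeenIds = new HashSet<string>();  // replay cache; use a shared, expiring store in production
    // Returns null when every check passes, otherwise the reason for rejection.
    public static string Check(XDocument doc, string acsUrl, string audience, DateTime nowUtc)
    {
        XElement resp = doc.Root;
        if (resp == null || resp.Name != P + "Response") return "not a SAML Response";
        // No AuthnRequest was sent in this flow, so an InResponseTo value cannot be legitimate.
        if (resp.Attribute("InResponseTo") != null) return "unexpected InResponseTo";
        if ((string)resp.Attribute("Destination") != acsUrl) return "Destination is not our ACS";
        string status = (string)resp.Element(P + "Status")?.Element(P + "StatusCode")?.Attribute("Value");
        if (status != "urn:oasis:names:tc:SAML:2.0:status:Success") return "status is not Success";
        List<XElement> assertions = resp.Elements(A + "Assertion").ToList();
        if (assertions.Count != 1) return "expected exactly one assertion";
        XElement cond = assertions[0].Element(A + "Conditions");
        if (cond == null) return "missing Conditions";
        DateTime? notBefore = (DateTime?)cond.Attribute("NotBefore");
        DateTime? notOnOrAfter = (DateTime?)cond.Attribute("NotOnOrAfter");
        if (notOnOrAfter == null) return "missing NotOnOrAfter";
        if (notBefore != null && nowUtc + Skew < notBefore.Value.ToUniversalTime()) return "not yet valid";
        if (nowUtc - Skew >= notOnOrAfter.Value.ToUniversalTime()) return "expired";
        if (!cond.Descendants(A + "Audience").Any(a => a.Value.Trim() == audience)) return "audience mismatch";
        // With no request ID to correlate, the assertion ID is the only replay defence.
        string id = (string)assertions[0].Attribute("ID");
        if (string.IsNullOrEmpty(id) || !SeenIds.Add(id)) return "missing or replayed assertion ID";
        return null;
    }

    static void Main()
    {
        // Constructed sample message; URLs and IDs are made up for the demo.
        string xml = @"<samlp:Response xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol' xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion' ID='_r1' Version='2.0' Destination='https://sp.example/acs'>
  <samlp:Status><samlp:StatusCode Value='urn:oasis:names:tc:SAML:2.0:status:Success'/></samlp:Status>
  <saml:Assertion ID='_a1' Version='2.0'><saml:Conditions NotBefore='2024-01-01T00:00:00Z' NotOnOrAfter='2024-01-01T00:05:00Z'>
    <saml:AudienceRestriction><saml:Audience>https://sp.example/</saml:Audience></saml:AudienceRestriction></saml:Conditions></saml:Assertion>
</samlp:Response>";
        DateTime now = new DateTime(2024, 1, 1, 0, 1, 0, DateTimeKind.Utc);
        Console.WriteLine(Check(XDocument.Parse(xml), "https://sp.example/acs", "https://sp.example/", now) ?? "accepted");
        Console.WriteLine(Check(XDocument.Parse(xml), "https://sp.example/acs", "https://sp.example/", now)); // same ID again
    }
}
```

The second call presents the same assertion ID and is rejected by the replay cache, which is the case an IdP-initiated SP cannot catch through request correlation.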
Single Logout Introduction
In this IdP-Initiated SLO scenario, a user clicks on a link at the IdP site to log out of the IdP site and all the participating SP sites.
Identity Provider Example Web Application
After successfully installing the UltimateSaml setup package, you will see two web sample projects: one in the folder Samples\Saml\Web\CS\Saml2IdPInitiated for C# and one in Samples\Saml\Web\VB\Saml2IdPInitiated for VB.NET. To run these web sample projects, open the solution file Saml2IdPInitiated_XXXX.sln, and then press F5 in the Visual Studio IDE.
This sample is configured to run on port 1421 (you can easily change the port number in the project property page). The identity provider web application, in conjunction with the Service Provider web application, demonstrates IdP-initiated single sign-on. First, log in to the system with the user name iuser and a password of password, and then click on a link to access the Service Provider site, which runs on port 1422.
How to configure?
You can easily configure the Identity Provider web application by modifying the settings within the <appSettings> section of its web.config file:
- ConsumerServiceUrl: The URL of the service provider's assertion consumer service.
- ServiceProviderUrl: The target URL of the service provider web application.
Service Provider Example Web Application
This sample is configured to run on port 1422 (you can easily change the port number in the project property page). The service provider web application, in conjunction with the Identity Provider web application, demonstrates IdP-initiated single sign-on. You can log in to the local system with the user name suser and a password of password.