How the SAMLAuthDemo Application Works

The SAMLAuthDemo application consists mainly of relatively standard .NET code for using custom bindings and generating SAML assertions.

Some key areas of code to note are:

  • The SAMLBinding\Samlutilities.cs file is used to generate the SAML assertion itself:
    • It contains the username (John Eustace) that will be supplied in the SAMLSubject.
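            SamlSubject samlSubject = null;
            samlSubject = new SamlSubject(
                "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", // nameFormat
                "www.tibco.com",                                          // nameQualifier
                "John Eustace",                                           // name (the username)
                confirmationMethods,                                      // confirmations
                null,                                                     // confirmationData
                null);                                                    // securityKeyIdentifier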
    • It signs the SAML assertion using the previously generated private key from the Trusted People certificate store.
    • It sets items such as the confirmationMethods.
  • The SAMLBinding\SamlBinding.cs file implements a custom WCF binding that combines the SAML assertion and the SOAP request to create the required SOAP envelope. It controls things like the transport used to communicate with the ActiveMatrix BPM service, and what security is applied to the SOAP envelope as a whole.
  • The SAMLAuthDemo\Adapter.cs file:
    • contains a wrapper around the EventCollectorQueryService service reference.
    • calls the executeGenericQuery operation using the SAMLBinding. It configures the binding for use, for example by supplying the reference to the certificate used to sign the message.
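
The steps listed for Samlutilities.cs (build the subject, set the confirmation methods, sign with the key from the Trusted People store) can be sketched end to end with the standard System.IdentityModel.Tokens types. This is an added example, not the SAMLAuthDemo source. The class and method names, the CurrentUser store location, the sender-vouches confirmation method, the authentication method URI, the validity window and the SHA-256 algorithms are all assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;

// Added illustration; class, method and parameter names are hypothetical.
public static class SamlAssertionSketch
{
    public static SamlAssertion Build(string certSubjectName, string issuer)
    {
        // Load the signing certificate from CurrentUser\TrustedPeople (store location assumed).
        X509Certificate2 cert;
        var store = new X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // validOnly is false because demo certificates are often self-signed.
            var found = store.Certificates.Find(X509FindType.FindBySubjectName, certSubjectName, false);
            if (found.Count != 1)
                throw new InvalidOperationException("Expected exactly one matching certificate.");
            cert = found[0];
        }
        finally { store.Close(); }
        if (!cert.HasPrivateKey)
            throw new InvalidOperationException("Signing certificate has no private key.");

        // Confirmation method is an assumption; the page does not say which one is set.
        var confirmationMethods = new List<string> { SamlConstants.SenderVouches };
        var subject = new SamlSubject(
            "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
            "www.tibco.com", "John Eustace", confirmationMethods, null, null);

        var now = DateTime.UtcNow;
        var statement = new SamlAuthenticationStatement(
            subject, "urn:oasis:names:tc:SAML:1.0:am:unspecified", now, null, null, null);

        // A short validity window limits how long a captured assertion can be replayed.
        var conditions = new SamlConditions(now.AddMinutes(-1), now.AddMinutes(5));
        var assertion = new SamlAssertion(
            "_" + Guid.NewGuid().ToString("N"), issuer, now, conditions, null,
            new List<SamlStatement> { statement });

        // Signature and digest algorithms are assumptions.
        assertion.SigningCredentials = new SigningCredentials(
            new X509AsymmetricSecurityKey(cert),
            SecurityAlgorithms.RsaSha256Signature, SecurityAlgorithms.Sha256Digest,
            new SecurityKeyIdentifier(new X509RawDataKeyIdentifierClause(cert)));
        return assertion;
    }
}
```

The signature itself is computed when the assertion is serialized into the SOAP security header, so a missing private key or an unsupported algorithm can surface at send time rather than in this method.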