HttpWebRequest - 添加数据
我正在构建 HttpWebRequest 来请求包含 SAMLResponse 的响应来获取用户名。
响应将由 Httpmodule 获取。
构建我的 AuthRequest (如下)后,xml 被默认,base64 编码,然后 url 编码。
<samlp:AuthnRequest xmlns:samlp=urn:oasis:names:tc:SAML:2.0:protocol xmlns:saml=urn:oasis:names:tc:SAML:2.0:assertion ProtocolBinding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST Version= version ID= iD
IssueInstant=DateTime.Now.ToString() Destination= destination />
<saml:Issuer> issuer /saml:Issuer>
<samlp:NameIDPolicy AllowCreate=true Format=urn:oasis:names:tc:SAML:2.0:nameid-format:transient/>
</samlp:AuthnRequest>
我的 requestStream.Write(postBytes, 0, postBytes.Length) 的 postBytes 由 "SAMLRequest=" + SAMLRequest< 创建的字符串中的 byte[] 组成/code>
希望我还没有失去你。
我的问题是:SAMLRequest 的值是否需要放在表单中,或者可以是编码后的 xml?是什么决定了这个决定?
提前致谢!
I am building HttpWebRequest to request a response containing a SAMLResponse to obtain a users name.
The response will be picked up by a Httpmodule.
After building my AuthRequest (as follows) the xml is defalted, base64 encoded then url encoded.
<samlp:AuthnRequest xmlns:samlp=urn:oasis:names:tc:SAML:2.0:protocol xmlns:saml=urn:oasis:names:tc:SAML:2.0:assertion ProtocolBinding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST Version= version ID= iD
IssueInstant=DateTime.Now.ToString() Destination= destination />
<saml:Issuer> issuer /saml:Issuer>
<samlp:NameIDPolicy AllowCreate=true Format=urn:oasis:names:tc:SAML:2.0:nameid-format:transient/>
</samlp:AuthnRequest>
My postBytes for requestStream.Write(postBytes, 0, postBytes.Length) consists of a byte[] from a string created from "SAMLRequest=" + SAMLRequest
Hopefully I havent lost you yet.
My question is: does the value of SAMLRequest need to be placed in a form or can it be the encoded xml? What determines this decision?
Thanks in advance!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
根据saml.xml.org:向 IdP 发出的 post 请求具有以下内容:
您当然可以用 C# 代码组装 HttpWebRequest 使用此表单内容以避免与嵌套表单相关的问题。
saml.xml.org 链接指定“SAMLRequest 参数的值是
如果您有可用的 IdP(例如 OpenSSO),您应该能够测试并查看什么作品。
我假设您正在尝试实施下图中的步骤 3。
免责声明:我自己还没有尝试过这个,所以请提供一些反馈来说明这个答案是否有帮助。
According to saml.xml.org: The post request issued to the IdP has the following content:
You can of course assemble a HttpWebRequest in C# code with this form content in order to avoid issues related to nested forms.
The saml.xml.org link specifies that "The value of the SAMLRequest parameter is the base64 encoding of the
<samlp:AuthnRequest>element"If you have an IdP (like OpenSSO) available you should be able to test and see what works.
I am assuming that you are trying to implement Step 3 in the diagram below.
DISCLAIMER: I Haven't tried this out myself, so please provide some feedback on whether this answer was helpful or not.
