我有一个SAML令牌,其格式如下:

<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" MajorVersion="1" MinorVersion="1" AssertionID="_341bea3b-f497-4a4f-adff-2bd65e44fd67" Issuer="http://127.0.0.1:81/" IssueInstant="2012-03-12T15:08:26.618Z">
<saml:Conditions NotBefore="2012-03-12T15:08:26.585Z" NotOnOrAfter="2012-04-23T07:08:26.585Z">
    <saml:AudienceRestrictionCondition>
        <saml:Audience>http://127.0.0.2:83/</saml:Audience>
    </saml:AudienceRestrictionCondition>
</saml:Conditions>
<saml:AttributeStatement>
    <saml:Subject>
        <saml:SubjectConfirmation>
            <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod>
        </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Attribute AttributeName="name" AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims">
        <saml:AttributeValue>tempName</saml:AttributeValue>
    </saml:Attribute>
</saml:AttributeStatement>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    <ds:Reference URI="#_341bea3b-f497-4a4f-adff-2bd65e44fd67">
        <ds:Transforms>
            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <ds:DigestValue>4dssZKnMKbLVftPXnSxZlDjrKnDtyQ8Sb7FRup6wkwE=</ds:DigestValue>
    </ds:Reference>
    </ds:SignedInfo>
<ds:SignatureValue>
REkPevPfjE86v+SCxGiomP2CConIVjTxuUpCIFDc+sAWUtEq3cMYZDwYfGKgEaSboIv1SUfYl8dUAEhQ+CjlCg7p3jF38f64HxexWHuLty2K+us74OmvK2F8CtG+xgwURAtJ14a6j/dTzuqzpn3hhHI7EXmrW1C5vrSAMQrVcyk=
</ds:SignatureValue>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
    <X509Certificate>
    MIICeDCCAeGgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBgDELMAkGA1UEBhMCR0IxDzANBgNVBAgTBkxvbmRvbjERMA8GA1UEBxMIVmljdG9yaWExITAfBgNVBAoTGFRob21zb25zIE9ubGluZSBCZW5lZml0czEUMBIGA1UECxMLRGV2ZWxvcG1lbnQxFDASBgNVBAMTC1Rlc3RpbmdDZXJ0MCAXDTExMDkxOTAwMDAwMFoYDzQwMDAwNzE5MTgwMzMzWjCBgDELMAkGA1UEBhMCR0IxDzANBgNVBAgTBkxvbmRvbjERMA8GA1UEBxMIVmljdG9yaWExITAfBgNVBAoTGFRob21zb25zIE9ubGluZSBCZW5lZml0czEUMBIGA1UECxMLRGV2ZWxvcG1lbnQxFDASBgNVBAMTC1Rlc3RpbmdDZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC16AgeosO1rNdNU1nzAODZTcRuhoew3wJdVAbIcYqU57MLAYIhGIU/tovSGEOHnKjzNciYmXwLV6dVSCuygoOADNMAAgsfWYHDk2iZZLM8XuM2N6VVtJk/pc4wEITxBHLMqeCrJXTN/6JvTB1AHZWmfFm8jqMuMpXlowNEGoMJQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAExdjee3nfJ5wFtOrQcIwblrrM/XWfzhaj4Zzd6Bc/dofP44/PpMqwdyiJWYf/DmsXTM4YZ2HbdJyWXHCR+m/neWE1diVXlEAuArrjHDFWvsmqqK3bpKzSzabQF4wVxHaxbn49zUqale+tr5gXK36MKwq3I54ohd0T2i7HO8hKhF
    </X509Certificate>
</X509Data>
</KeyInfo>
</ds:Signature>
</saml:Assertion>


我想从一个MVC控制器重定向到另一个MVC应用程序中的另一个页面,并传递此SAML令牌。最好的方法是什么?

最佳答案

您可以像WIF模块那样(以及其他一些STS提供程序)通过发送带有隐藏的输入(包含令牌)的表单以及将表单发布到目标的JavaScript脚本来完成此操作。

像这样的东西:

<html>
<head>
<title>Working...</title>
</head>
<body>
<form method="POST" name="hiddenform" action="http://emadashi.com/"><input type="hidden" name="wa" value="wsignin1.0" />
<input type="hidden" name="wresult" value="your-http-encoded-token-here" />
<noscript><p>Script is disabled. Click Submit to continue.</p>
<input type="submit" value="Submit" /></noscript>
</form>
<script language="javascript">window.setTimeout('document.forms[0].submit()', 0);</script>
</body>
</html>


而且,如果您深入研究SignInRequestMessage类,并检查方法WriteFormPost,您将看到它会吐出此类代码。

这个问题迟到了,但是我希望这对仍在寻找答案的人有所帮助。

关于c# - 如何在MVC3中使用SAML声明发布到另一个网站?,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/9670590/

10-11 22:59
查看更多