How to use metadata file (saml2)

Question

How to use metadata file (saml2)

I am working on a project that should integrate SAML2.0. I was suddenly thrown into this project, I need to get it to work. Here's the background: we created the files and wanted the client company to integrate using SAML2 to get to our website. We sent them a metafile.

Now the client company has sent the metadata file. I do not know how and what to do with this file. Any help would be appreciated.

ASP.NET, Framework 4.0

+6

saml

user1621009 Nov 08 '12 at 18:16

source share

4 answers

performanceuser · Answer 1 · 2012-11-08T18:41:22+0000

The metadata file basically provides you with information about your client. Such as entityID, credentials, etc. If it's an IdP, then it also contains a couple of URLs so you know where to send another request, for example. login request, attribute request request. You need to provide this metadata to your SAML component so that it knows who it should talk to.

Another primary goal is to establish a trust relationship between SP and IdP.

user3719030 · Answer 2 · 2014-06-09T16:31:16+0000

This is an old question, but I would like to add more information and resources for .NET.

SAML metadata is used to exchange configuration information between a Service Provider and an Identity Provider, and vice versa. Information may include:

Binging location
Name of the organization
The contact person
Single entry number
Single exit address

Metadata can be signed and encrypted to ensure reliable sending of information. The other side may need an appropriate public key for verification and decryption, and then it can be used to understand and establish a connection with SP or IdP.

You can see more information in the following blog posts:

smartin · Answer 3 · 2013-01-24T13:20:37+0000

Check out the SAML 2.0 metadata specification to see which items should be read by your implementation.

If you are looking for SAML2.NET Tookit, have a look at fooobar.com/questions/732855 / ...

Also, consider the open source SAML implementation to see how others have solved this problem before:

SimpleSAMLphp (PHP Idp / SP implementation). ( Metadata Parser )
Shibboleth IdP (Java) ( opensaml2 ) / SP (C)
spring -security-saml: SP (Java) ( metadata files )
Jboss (Java)

Rakesh · Answer 4 · 2013-02-16T21:22:25+0000

Metadata is nothing more than an XML file containing all the information your SAML implementation requires in order to talk to the host. you can extract information from this meta to get the information you need. Like public / private keys. I hope you also use the certificate to communicate securely with the host. This key is required to establish communication with an unknown host system.

How to use metadata file (saml2)

More articles: