We are looking to create a site that will allow users to log into our web application from a variety of third-party identity providers using the SAML 2.0 (specifically Shibboleth) protocol.
Service Provider (this is us - we are the application users are being directed to one logged in)
Identity Provider (this is the service we are connecting to for logins)
To accomplish this, we have decided to leverage the third-party ComponentPro SAML library (30-day trial available for download) however we are open to another solution if it accomplishes the same task:
[login to view URL]
This will include a login page where a user can select from a list of available providers which will be changed/added to (for now hard-coded in codebehind but ultimately pulled from a database), the logic to connect to the third-party identity provider login page via Shibboleth (via ComponentPro), and getting returned values from the provide upon successful authentication (ultimately the user ID, possibly first/last name and email as well).
Here is what we will need:
1. A login page where the user will select one of several providers they will use to log in. Initially we are looking for a page where a user can select from minimally a drop-down menu. When the user clicks login, the ComponentPro library will be invoked and the user will be directed via SAML to the provider's login page. For proof of concept, you will need to use a test SAML identity provider (ComponentPro should have one available or you can use [login to view URL])
The transactions to and from the provider's login page should be handled by the ComponentPro library and will need to be coded including creating a valid metadata file, certificate, and handling, etc...
3. The third-party identity provider site will return (assuming) a user ID of some sort. Upon successful login, we are expecting at a minimum a user ID to be returned. If we can get first/last name and email better - not sure if they are in a standard format across providers.
Experience-level for this project will be:
1. Familiarity with ASP.NET C#-based web sites using standard web forms (this project is not using MVC). Framework version 4.0 or better.
2. Experience using an off-the-shelf third party library (in this case ComponentPro). There is a 30 day trial version available so you should not need to purchase anything for this project.
3. Some experience with SAML authentication particularly Shibboleth-based authentication. Shibboleth is required.
Well-formatted and documented full source code for an ASP.NET (C#) website consisting of the following:
1. [login to view URL], .[login to view URL] - login page consisting of a drop-down to select a provider (at least one test provider must be available to demonstrate the code works - see [login to view URL] for a sample identity provider) - business logic to connect via SAML (Shibboleth required) to provider and redirect to provider login page (this will be written and well-documented including any certificate handling necessary) - business logic to connect via SAML (Shibboleth required) to provider and obtain user ID after successful login
2. [login to view URL], .[login to view URL] - page that prints out the user ID returned from the Shibboleth server showing successful login
3. MetaData XML file to be shared with identity providers
4. Documentation as to how to properly configure a new identity provider for use with this site (how to generate certificate files and metadata files).
31 威客就此工作平均出价 $1248
Hi there, I have checked the details I have great experience with .NET, ASP.NET, C# Programming, OAuth. Please start the chat so we can discuss this job more in detail. Thanks
ASP.NET, C# website development - these are in my strong skillsets and rich experiences of 10+ years. I am looking forward to talking with you to discuss more details. Best Regards, Zhang
Hi There, I am an expert in .Net and I would love to assist you. I have 5+ years of experience. I can provide you all the features and functionality. Let’s have the further discussion over chat. Thanks and Regards