Overview
You need an Azure account to log in. If you do not have one, create a new account using the link here.
This is a sample architecture diagram for Azure SSO with an on-premises application.
Step 1
The dashboard page is displayed when you log in to the Azure account. Type “Enterprise applications” in the search box and select it.
This redirects you to the “New Application” page.
Step 2
The table lists the existing applications created by internal and cloud users. Click “New Application” to create a new enterprise application.
Step 3
This window shows three options.
Click “Non-gallery application” to integrate your own application.
Step 4
Give the application a name and click Add. Below the text box, a Support link is displayed, indicating that you are creating SAML-based single sign-on.
Step 5
Once the application is created, it appears on its Overview page, where you can check the following.
- User and Groups
- Single Sign-on
- Owner
- Permissions, etc.
Step 6
Select “Users and Groups” and add members from the list. This controls which users are allowed to log in to the application through SSO.
Step 7
I have added one member for testing. The count is displayed on the Overview page.
Step 8
Click “Single Sign-on” in the left-hand panel and select the SAML method.
Step 9
The SAML-based sign-on configuration is now created.
Step 10
Your application must support SAML. I am using the .NET Framework.
Set your destination (reply URL) here. In my case, www.test.com is the relying party.
Step 11
The notification below is displayed once you have completed the configuration and clicked Save.
Step 12
This is the auto-generated SAML Signing Certificate, which your application needs in order to verify the responses it receives from Azure.
Step 13
Click “Test this application” to check your SSO login process.
Step 14
Click “Single Sign-On as Current User” to check the application.
Step 15
You can see the redirect through microsoftonline.com.
Step 16
After SSO authentication, the user is redirected to the relying party URL you configured.
.NET Code
The following code reads the SAML response that Azure posts to your reply URL. Use it in your .NET application and test it.
// At the top of the code-behind file (ASP.NET Web Forms, where Request is available):
using System;
using System.Text;
using System.Xml;

// Inside the page handler:
string strVarCallResult = string.Empty;
string ClaimUserID = string.Empty;
string ClaimEmployeeID = string.Empty;
string rawSamlData = null;   // base64-encoded SAMLResponse form field posted by Azure
string UserId = null;

try
{
    // Azure POSTs the response to the reply URL as a form field named "SAMLResponse".
    foreach (string s in Request.Params.Keys)
    {
        if (s == "SAMLResponse")
        {
            rawSamlData = Request.Params[s];
            break;
        }
    }
    if (string.IsNullOrEmpty(rawSamlData))
        throw new InvalidOperationException("No SAMLResponse field in the request");

    // The field is base64-encoded XML; decode it once and parse it.
    byte[] samlData = Convert.FromBase64String(rawSamlData);
    string samlAssertion = Encoding.UTF8.GetString(samlData);

    XmlDocument doc = new XmlDocument();
    doc.XmlResolver = null;  // never resolve external entities in XML received over the wire
    XmlNamespaceManager xMan = new XmlNamespaceManager(doc.NameTable);
    xMan.AddNamespace("saml2p", "urn:oasis:names:tc:SAML:2.0:protocol");
    xMan.AddNamespace("saml2", "urn:oasis:names:tc:SAML:2.0:assertion");
    xMan.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
    doc.LoadXml(samlAssertion);

    // NOTE: this reads the NameID without checking the ds:Signature. Verify the signature
    // against the SAML Signing Certificate from Step 12 before trusting the value.
    XmlNode xNode = doc.SelectSingleNode("/saml2p:Response/saml2:Assertion/saml2:Subject/saml2:NameID", xMan);
    if (xNode != null)
    {
        UserId = xNode.InnerText;
        ClaimUserID = xNode.InnerText;
    }
}
catch (Exception ex)
{
    // Log instead of silently swallowing: a malformed response must not look like a successful login.
    System.Diagnostics.Trace.TraceError("SAML response processing failed: {0}", ex);
}
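As an added example (not the article's own code), here is how the NameID can be read only after the response has been verified against the SAML Signing Certificate from Step 12. It assumes that certificate has been loaded into idpCert (for example from the downloaded .cer file), that expectedAudience is the relying party identifier configured in Step 10, and the class and method names are my own.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

public static class SamlResponseValidator
{
    // Returns the NameID only after the XML signature verifies against the pinned Azure
    // signing certificate and the assertion conditions hold; throws otherwise.
    public static string ValidateAndGetNameId(string responseXml, X509Certificate2 idpCert, string expectedAudience)
    {
        // PreserveWhitespace keeps canonicalisation identical to what the IdP signed.
        var doc = new XmlDocument { PreserveWhitespace = true, XmlResolver = null };
        doc.LoadXml(responseXml);
        var ns = new XmlNamespaceManager(doc.NameTable);
        ns.AddNamespace("saml2p", "urn:oasis:names:tc:SAML:2.0:protocol");
        ns.AddNamespace("saml2", "urn:oasis:names:tc:SAML:2.0:assertion");
        ns.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
        var assertion = doc.SelectSingleNode("/saml2p:Response/saml2:Assertion", ns) as XmlElement
                        ?? throw new InvalidOperationException("No assertion in SAML response");

        // Azure signs the Assertion by default; a signature on the Response element is also accepted.
        var sig = assertion.SelectSingleNode("ds:Signature", ns) as XmlElement
                  ?? doc.DocumentElement.SelectSingleNode("ds:Signature", ns) as XmlElement
                  ?? throw new InvalidOperationException("SAML response is not signed");
        var signedXml = new SignedXml(doc);
        signedXml.LoadXml(sig);
        // Verify with the certificate downloaded in Step 12, never with the KeyInfo carried in the message.
        if (!signedXml.CheckSignature(idpCert, true))
            throw new CryptographicException("SAML signature does not verify");

        // The signed reference must point at the element whose contents we are about to trust.
        string signedId = "#" + ((XmlElement)sig.ParentNode).GetAttribute("ID");
        bool covered = false;
        foreach (Reference r in signedXml.SignedInfo.References) covered |= r.Uri == signedId;
        if (!covered) throw new CryptographicException("Signature does not cover the assertion");

        // Validity window and audience come from saml2:Conditions (assumed present, as Azure emits them).
        var cond = (XmlElement)assertion.SelectSingleNode("saml2:Conditions", ns);
        DateTime now = DateTime.UtcNow;
        if (now < XmlConvert.ToDateTime(cond.GetAttribute("NotBefore"), XmlDateTimeSerializationMode.Utc) ||
            now >= XmlConvert.ToDateTime(cond.GetAttribute("NotOnOrAfter"), XmlDateTimeSerializationMode.Utc))
            throw new InvalidOperationException("Assertion is outside its validity window");
        var audience = cond.SelectSingleNode("saml2:AudienceRestriction/saml2:Audience", ns)?.InnerText;
        if (audience != expectedAudience)
            throw new InvalidOperationException("Assertion is not intended for this relying party");
        return assertion.SelectSingleNode("saml2:Subject/saml2:NameID", ns)?.InnerText
               ?? throw new InvalidOperationException("No NameID in assertion");
    }
}
```

Call ValidateAndGetNameId with the decoded response XML from the snippet above in place of the unchecked SelectSingleNode, and treat any exception as a failed login.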
Please let me know if you have any queries on this.