For some time there have been bug reports to Kentor.AuthServices, IdentityServer3 and System.IdentityModel.Tokens.Jwt that enabling SHA256 XML signature support sometimes breaks JWT signing. It fails with the error System.Security.Cryptography.CryptographicException: Invalid algorithm specified. This has been one of those annoying bugs where everyone’s solution works perfectly by itself, but combined they fail. I closed this issue… Continue reading Why Enabling SHA256 Support for XML Signatures Breaks JWT Signing
Tag: SAML2
Kentor.AuthServices 0.18.1 Breaking Changes
Today we released Kentor.AuthServices 0.18.1. It contains a number of bug fixes, but also a couple of breaking changes to a mostly internal API and logout handling. You are affected if… you build a HttpRequestData yourself instead of using the built-in ToHttpRequestData() extension method; you are using Single Logout and… you have a ClaimsAuthenticationManager… Continue reading Kentor.AuthServices 0.18.1 Breaking Changes
Authservices StubIdp Improvements: AttributeStatements and User Lists
This is an announcement of two new related features in the Authservices SAML2 StubIdp: AttributeStatements and user lists. AttributeStatements: Until now the only identification-related element supported by the StubIdp was the Subject NameID. In many SAML2 installations additional data, like roles and full name, are included as AttributeStatements. This has been supported by the… Continue reading Authservices StubIdp Improvements: AttributeStatements and User Lists
SAML2 for Thinktecture IdentityServer 3 with Kentor.AuthServices
Using the Kentor.AuthServices SAML2 Service Provider with Thinktecture IdentityServer 3 bridges the gap between SAML2 and OAuth2/OpenID Connect. Thinktecture IdentityServer 3 supports clients using the modern OAuth2 and OpenID Connect protocols. It can either have a local account database through e.g. ASP.NET Identity, or use external authentication services. By registering Kentor.AuthServices with IdentityServer, IdentityServer can… Continue reading SAML2 for Thinktecture IdentityServer 3 with Kentor.AuthServices
Kentor.AuthServices 0.9.0 SAML2 for ASP.NET Released
The Kentor.AuthServices SAML2 Service Provider has got one important improvement for simplified operations: automatic metadata refresh. Identity providers and federations configured by loading metadata are now automatically refreshed based on the cache duration settings in the received metadata. Especially for federation setups this significantly simplifies the operations. When new identity providers are added to the… Continue reading Kentor.AuthServices 0.9.0 SAML2 for ASP.NET Released