Recently, one of my clients decided to support SAML 2.0 for SSO to their website. Since the plan was to support it only as a Service Provider, it was decided to use a custom implementation in C#, as the overall concept and idea of SAML sounds very simple. In the end, even though we were able to get the service up and running in less than 2 days for an internal demo, we ran into many integration problems when working with the Identity Providers of clients using different SAML 2.0 implementations on various platforms. We ran into problems like:
– Some clients were using Deflated XML while others were not
– Choice of encryption algorithms per client
– Differences in the NameID format being used
– Differences in how SAML attributes were being communicated/passed
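
For the first item in the list above, one way a Service Provider can accept both deflated and plain messages, as an added example that is not code from the project described here. `SamlMessageDecoder`, its members and the 1 MiB limit are assumptions made for illustration.

```csharp
using System;
using System.IO;
using System.IO.Compression;
using System.Xml;

// Added example: SamlMessageDecoder and MaxXmlBytes are hypothetical names.
public static class SamlMessageDecoder
{
    private const int MaxXmlBytes = 1024 * 1024; // assumed cap on inflated size

    // Takes the base64 value of a SAML message parameter (already URL-decoded)
    // and returns the XML whether or not the sender deflated it.
    public static XmlDocument Decode(string base64Message)
    {
        byte[] raw = Convert.FromBase64String(base64Message);
        // Plain XML starts with '<'; anything else is treated as raw DEFLATE.
        byte[] xml = LooksLikeXml(raw) ? raw : Inflate(raw);
        // DTDs and external resolution stay off: the message is untrusted input.
        var settings = new XmlReaderSettings { DtdProcessing = DtdProcessing.Prohibit, XmlResolver = null };
        // PreserveWhitespace keeps the bytes intact for later signature checks.
        var doc = new XmlDocument { PreserveWhitespace = true, XmlResolver = null };
        using (var stream = new MemoryStream(xml))
        using (var reader = XmlReader.Create(stream, settings))
            doc.Load(reader); // throws XmlException if the result is not XML
        return doc;
    }

    private static bool LooksLikeXml(byte[] b)
    {
        // Skip a UTF-8 byte order mark and leading ASCII whitespace.
        int i = (b.Length >= 3 && b[0] == 0xEF && b[1] == 0xBB && b[2] == 0xBF) ? 3 : 0;
        while (i < b.Length && (b[i] == 0x20 || b[i] == 0x09 || b[i] == 0x0A || b[i] == 0x0D)) i++;
        return i < b.Length && b[i] == (byte)'<';
    }

    private static byte[] Inflate(byte[] data)
    {
        using (var input = new MemoryStream(data))
        using (var deflate = new DeflateStream(input, CompressionMode.Decompress))
        using (var output = new MemoryStream())
        {
            var buffer = new byte[8192];
            int n;
            while ((n = deflate.Read(buffer, 0, buffer.Length)) > 0)
            {
                // Stop early so a small compressed payload cannot exhaust memory.
                if (output.Length + n > MaxXmlBytes)
                    throw new InvalidOperationException("Inflated SAML message exceeds the size limit.");
                output.Write(buffer, 0, n);
            }
            return output.ToArray();
        }
    }
}
```

The returned document is only decoded, not trusted: signature validation and the per-client checks on NameID format and attributes still have to run on it.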