I am looking to setup IIS to use it as Service provider for SAML 2.0.
Our client already has SAML IDP setup done. We as a Web Application provider need to support SSO with SAML 2.0 with our application supporting as Service Provider.
I have looked at couple of options..
1. Application level implementation of SAML 2.0 as a service provider to use client's browser to redirect requests back and forth to client's third party IDP to authenticate user and eventually use the authentication token to allow SSO.
2. To use Shibboleth as explained in below link, with IIS, to setup IIS as the SP (service provider) and handle SSO authentication before application gets the request with authenticated SSO.
https://www.gluu.org/docs/integrate/iis-saml/
I am looking for options to see if there is anything in-built in IIS 8.0 or later which can help use IIS as a service provider to manage authentication and then route the request to .net web application once SAML 2.0 authentication is successful.
Edit: Also I want it to be able to manage multi-tenant environment where its possible only have certain URL/clients to have SSO enabled where other go with custom application authentication to support multiple authentication model. I believe this should be doable by defining specific URL for SSO authentication within IIS (in case IIS supports to work as Service Provider)
Thanks.