Can anyone please try to clarify my questions regarding single sign-on using SAML?
string rawSamlData = Request["SAMLResponse"];
this code? Thanks in advance.
Rolling your own SAML is indeed possible, but it is a bit of work. I've done it on .NET 4.5 where there is support for validating the assertions, but I had to build my own handling of the SAML protocol. On VS2005 you have far less support from the framework, but it's still doable.
To answer your questions:
A. Yes, Request["SAMLResponse"] should contain the SAML response from the IdP.
B. The SAMLResponse will consist of BASE64-encoded XML with the SAML response.
C. The SAML <Response> message contains an <assertion> node which is the data of the user. You have to create a .NET Identity out of it yourself. Then you can use the forms auth cookie mechanism to keep the user signed in.
D. Don't understand the question.
You should be much better off if you could upgrade to .NET 4.5 that has better support for SAML and claims authentication built in. Nevertheless I think that the code I've done in Kentor.AuthServices is possible to backport to .NET 3.5.
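
The steps in answers A to C, as an added example that is not part of the original answer and not code from Kentor.AuthServices: it decodes `Request["SAMLResponse"]`, verifies the assertion's signature against a pinned IdP certificate before trusting any of its content, rejects an expired assertion, and then issues the forms auth cookie. Assumptions: a SAML 2.0 response whose assertion is signed directly, an IdP certificate loaded by the caller, and the hypothetical class name `SamlSignIn`; it uses only .NET 2.0 APIs.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Text;
using System.Web.Security;
using System.Xml;

public static class SamlSignIn   // hypothetical helper, not from Kentor.AuthServices
{
    // rawSamlData is Request["SAMLResponse"]; idpCert is the IdP's signing
    // certificate, obtained out of band and loaded by the caller (assumption).
    public static string SignIn(string rawSamlData, X509Certificate2 idpCert)
    {
        XmlDocument doc = new XmlDocument();
        doc.PreserveWhitespace = true;   // reformatting would break the signature
        doc.XmlResolver = null;          // do not fetch external DTDs or entities
        doc.LoadXml(Encoding.UTF8.GetString(Convert.FromBase64String(rawSamlData)));
        XmlNamespaceManager ns = new XmlNamespaceManager(doc.NameTable);
        ns.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
        ns.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);

        // Exactly one assertion: extra copies are how signature wrapping works.
        XmlNodeList assertions = doc.SelectNodes("//saml:Assertion", ns);
        if (assertions.Count != 1) throw new InvalidOperationException("Expected one assertion");
        XmlElement assertion = (XmlElement)assertions[0];

        // Assumption: the IdP signs the assertion itself (Signature is its child).
        XmlElement sig = (XmlElement)assertion.SelectSingleNode("ds:Signature", ns);
        if (sig == null) throw new InvalidOperationException("Assertion is not signed");
        SignedXml signedXml = new SignedXml(assertion);
        signedXml.LoadXml(sig);
        // Verify with the pinned certificate only, never with a key from the message.
        if (!signedXml.CheckSignature(idpCert, true))
            throw new InvalidOperationException("Bad signature");
        // The signed reference must point at this assertion, not another element.
        if (signedXml.SignedInfo.References.Count != 1 ||
            ((Reference)signedXml.SignedInfo.References[0]).Uri != "#" + assertion.GetAttribute("ID"))
            throw new InvalidOperationException("Signature does not cover the assertion");
        // Reject an assertion whose validity window has closed.
        XmlElement cond = (XmlElement)assertion.SelectSingleNode("saml:Conditions", ns);
        if (cond != null && cond.HasAttribute("NotOnOrAfter") &&
            XmlConvert.ToDateTime(cond.GetAttribute("NotOnOrAfter"), XmlDateTimeSerializationMode.Utc) <= DateTime.UtcNow)
            throw new InvalidOperationException("Assertion expired");

        XmlNode nameId = assertion.SelectSingleNode("saml:Subject/saml:NameID", ns);
        if (nameId == null) throw new InvalidOperationException("No NameID");
        FormsAuthentication.SetAuthCookie(nameId.InnerText, false);  // keeps the user signed in
        return nameId.InnerText;
    }
}
```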