Our SAML Service Provider component needs to store Artifact data when using HTTP Artifact Binding to send SAML messages to the partner Identity Provider. This data includes sensitive SAML messages that are exchanged via the backchannel when using HTTP Artifact Binding.
This data is accessed dynamically at runtime using services in the DI container. The store interface is designed to abstract accessing the data. This gives you the flexibility to implement our interface yourself, allowing you to use any database of your choice.
We provide EntityFramework Core implementations for relational databases by default. This means that you can use any EF-supported database with our component. When using EntityFramework, we recommend initializing your database and running migrations following the advice in the EntityFramework Core Migrations documentation.
For our Service Provider component, we provide 2 implementations of the
- In-memory Artifact Store
- EntityFramework Core Artifact Store
Note: Both SAML Identity Provider and SAML Service Provider components make use of ISamlArtifactStore, as they can both use HTTP Artifact binding to send messages. If you are acting as both Identity Provider and Service Provider, the same artifact store will be used by both IdP and SP. This means that the last registered implementation in the DI container will be utilized. You only need to register the
In-Memory Artifact Store
This is the default store registered when you call AddSaml2p(). The in-memory artifact store, SamlInMemoryArtifactStore, uses an in-memory collection to store sensitive artifact exchange data. If you are using HTTP Artifact binding in production, we recommend using a different implementation.
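The following startup check is an added example, not code from the component: it uses the "last registered implementation wins" rule from the note above to confirm that the in-memory store is not the one that will be resolved. The stand-in types and the ArtifactStoreRegistrationCheck helper are hypothetical; in a real application you would pass ISamlArtifactStore and SamlInMemoryArtifactStore as the type arguments.

```csharp
using System;
using System.Linq;
using Microsoft.Extensions.DependencyInjection;

// Stand-ins so the example compiles on its own (assumption); in an application
// use the component's ISamlArtifactStore and SamlInMemoryArtifactStore instead.
public interface IArtifactStoreStandIn { }
public sealed class InMemoryStoreStandIn : IArtifactStoreStandIn { }
public sealed class DatabaseStoreStandIn : IArtifactStoreStandIn { }

public static class ArtifactStoreRegistrationCheck
{
    // Returns the implementation type a single-service resolve would receive:
    // the container hands out the last descriptor registered for TService.
    public static Type? EffectiveImplementation<TService>(IServiceCollection services)
    {
        var last = services.LastOrDefault(d => d.ServiceType == typeof(TService));
        // Instance registrations expose no ImplementationType; factory
        // registrations expose neither, so the result is null for them.
        return last?.ImplementationType ?? last?.ImplementationInstance?.GetType();
    }

    // Hypothetical startup guard: fail fast if the forbidden (in-memory) store
    // is the registration that would be resolved.
    public static void EnsureNot<TService, TForbidden>(IServiceCollection services)
    {
        if (EffectiveImplementation<TService>(services) == typeof(TForbidden))
            throw new InvalidOperationException(
                $"{typeof(TForbidden).Name} is the effective {typeof(TService).Name} registration.");
    }
}

public static class Program
{
    public static void Main()
    {
        var services = new ServiceCollection();
        services.AddSingleton<IArtifactStoreStandIn, InMemoryStoreStandIn>(); // default
        services.AddSingleton<IArtifactStoreStandIn, DatabaseStoreStandIn>(); // registered later

        // The later registration wins, so the guard passes without throwing.
        ArtifactStoreRegistrationCheck.EnsureNot<IArtifactStoreStandIn, InMemoryStoreStandIn>(services);

        using var provider = services.BuildServiceProvider();
        Console.WriteLine(provider.GetRequiredService<IArtifactStoreStandIn>().GetType().Name);
    }
}
```

Run the guard after all SAML registrations and only in production environments, so that a changed registration order fails at startup instead of silently falling back to the in-memory store.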
EntityFramework Core Artifact Store
To use the EntityFramework Core artifact store, SamlArtifactStore, you will need to install our core SAML EF package.
dotnet add package Rsk.Saml.EntityFramework
To use the EF artifact store, use the AddSamlArtifactStore extension. The SamlArtifactStoreOptions class contains properties that allow you to control the EF store and the underlying
var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name;

services.AddSamlArtifactStore(options =>
    options.ConfigureDbContext = dbContextBuilder =>
        dbContextBuilder.UseSqlServer(
            "<connection_string>",
            sqlServerOptions => sqlServerOptions.MigrationsAssembly(migrationsAssembly)));
Registering a Custom Artifact Store
To register a custom artifact store implementation, use the