sts-securitytokenservice

问题 We have a SSO portal that is authenticated via ADFS. If I call an API defined in this portal in the browser it automatically redirects to ADFS to authenticate then redirects to the portal with the Claim to call the API. What I'm trying to do is call the API from within a CRM Workflow. How can I mimic this redirect? I thought if I somehow got the token & put it in the HttpClient request, it would help. But I have no idea how it should be added to the HttpClient request. Is what I am trying to

问题 We are trying to get WCF and Java talking to each other using SAML tokens issued from an STS. Despite the fact that both sides are compliant with the standards, WS-Security, WS-Trust, WS-Policy, etc., they don't seem to talk to each other and one or the other will throw cryptic exceptions or ignore security headers. We are using .NET 3.5, WCF Federation binding on the MS side, and Axis2/Rampart/Rahas on the java side. Has anyone ever been able to make this work? 回答1: Axis2 is incomplete in

问题 We are trying to get WCF and Java talking to each other using SAML tokens issued from an STS. Despite the fact that both sides are compliant with the standards, WS-Security, WS-Trust, WS-Policy, etc., they don't seem to talk to each other and one or the other will throw cryptic exceptions or ignore security headers. We are using .NET 3.5, WCF Federation binding on the MS side, and Axis2/Rampart/Rahas on the java side. Has anyone ever been able to make this work? 回答1: Axis2 is incomplete in

问题 After researching on the topic of claims-Based security (or a federated security model). I've been coming across many examples that use CardSpace as an example. The main article that I read that gave a really great explanation of the subject was a PDF by Microsoft on a framework called Zermatt. The claims-based security architecture I'm looking into is the equivalent of implementing an STS Authentication Broker in combination with an STS Authorization Broker. This way, when I create a new

问题 I have a situation where we have a MVC 2 application(I tried this with a basic MVC 2 app without any extra stuff, still same problem) and am using adfs 2 for authenticating my users. So.. Now I get into my application and I get the below.. ID3206: A SignInResponse message may only redirect within the current web application: '/[app]' is not allowed. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information

问题 I'm trying to requests a security token from a STS service. The service is 3rd party, so I can't modify it, check logs, etc. The resulting request SOAP message looks almost identical to a sample request I have. It's only that there are two BinarySecurityToken elements added with identical values , while the proper request contains only one token. The SOAP message looks like this: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01

问题 I have the following: A website ASP.Net application acting as an Identity Provider (IDP STS) Federation Provider (FP STS) A Resource ASP.NET MVC WebSite acting as (RP) when trying to access a Resource in RP, it goes thru the FP STS and gets redirected to IDP STS. User puts their credentials and upon validity of that, IDP provides some claims that are passed to FP STS and then sent back to RP. on the RP side, claims are received and resource is proivded. How do i make additional claim requests

问题 Need to add STS to my web project, and I got some guide from my colleague: Add STS Reference command by right-clicking the web project in Visual Studio and select Identity and Access but I can't find it in my VS 2015. Have tried to search it in a google, but failed. Can somebody tell me, how i can add this service to my project? 回答1: See this post Here you can find instruction how to configurate Claims-Based Authentication in you project. 来源： https://stackoverflow.com/questions/45593159

问题 We are running a set of WCF services over HTTPS and using the ws2007FederationHttpBinding binding to authenticate against a STS. Now we need to add a dual/duplex service using the same authentication technique. Know Your Binding Options states that only wsDualHttpBinding is available for duplex services. Can i use it together with my STS and if yes does somebody know how to configure it? 回答1: No, and if outward facing, dual binding is generally a bad idea. http://blog.gdssecurity.com/labs

问题 I'm looking for Examples of how to a STS in .Net 4.5 using WCF. So the scenario is I have a MVC 4 web app that I want to write an STS to authenticate and get claims that stores its data in the traditional SqlMembershipProvider database schema that we all know and love. I'm guessing the STS could be a simple WCF service. I've googled around but can only find stuff that shows how to do all this when the WIF was separated from the Core Framework. I.e. before it was embedded in .Net 4.5 回答1: