Is identity delegation via WS-Trust/ActAs supported in ACS?

断了今生、忘了曾经 提交于 2019-12-02 08:10:53

问题


I'm just getting started with claims-based security and have a question related to identity delegation. I've managed to set up a local dummy STS and a couple of WCF services that relies on it for authentication. A web application authenticates the user via the STS and makes a call to Service A on behalf of the user (using ChannelFactory.CreateChannelActingAs). This works fine.

Now I would like to use Azure Access Control Service (ACS) as a federation provider and sign in using a Google account (or whatever) instead, getting rid of the dummy STS altogether. I'm able to authenticate to the web application, but receive a "bad request" response when trying to make the call to the web service.

I realize that a number of things could be the problem, but then it also hit me that I haven't really checked if ACS even supports this ActAs concept of WS-Trust. I've found a forum thread that indicates that ActAs is not supported, but it's about six months old.

Can anyone confirm whether ActAs is supported in ACS? And if not, is there any other clever way of implementing identity delegation that is supported?


回答1:


No, ActAs is not yet supported in ACS. You would have to use another STS (e.g. your own, ADFS, etc)



来源:https://stackoverflow.com/questions/11296421/is-identity-delegation-via-ws-trust-actas-supported-in-acs

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!