wif

My context: .Net RESTful web service Client (mixed platforms, technologies, lib capabilities) has obtained a SAML token Trying to accept the token for authentication/authorization in the REST service in HTTP Authorization / X-Authorization header as query parameter Will also support SWT later, but need to get SAML tokens going Details: I have a SAML token in a string: <saml:Assertion xmlns:saml="..." ...> ..etc... </> In an HttpModule, I want to convert this into a ClaimsPrincipal so that my service can do the usual Thread.CurrentPrincipal as IClaimsPrincipal stuff. I found a couple enticing

I'm trying to run WIF Relying Party application on a shared host. They will not set the IIS Setting LoadUserProfile to true and as such I'm getting the following error: Message: The data protection operation was unsuccessful. This may have been caused by not having the user profile loaded for the current thread's user context, which may be the case when the thread is impersonating. ExceptionStackTrace: at System.Security.Cryptography.ProtectedData.Protect(Byte[] userData, Byte[] optionalEntropy, DataProtectionScope scope) at Microsoft.IdentityModel.Web.ProtectedDataCookieTransform.Encode(Byte[

I find in a code example downloaded the following line of code in an Action method of a controller. ViewBag.RoleId = new SelectList(RoleManager.Roles, "Id", "Name") or probably its async version ViewBag.RoleId = new SelectList(await RoleManager.Roles.ToListAsync(), "Id", "Name"); I am not able to fathom whats happening here. Also in the corresponding view, I nowhere see ViewBag.RoleId being used. Instead I find in the view @Html.DropDownList("RoleId","No Roles") There appears to be some trivial connection between the two. Can someone throw some light at whet I am missing. The following is the

We're developing a custom identity Provider(STS) to authenticate our applications. In this project we're using the Azure Acesses Control Services 2.0 and our Identity provider is a wsfederation. So, when starting the project, the azure ACS has had a url parameter called wctx, this parameter served to pass anything, and the ACS keeping the parameter when de ACS redirect to Identity provider, however now the parameter's value is encrypted when the login page is open, so we can't read. I'd like to pass a culture and who is calling the login page. Anybody have any ideia? The wctx parameter should

I am trying to validate a SAML response which is coming from Siteminder IDP from a third party. I have installed the certificate provided by them. When I call the ValidateToken method (System.IdentityModel.Tokens) to create claims, I get following error : WIF10201: No valid key mapping found for securityToken:'System.IdentityModel.Tokens.X509SecurityToken' and issuer: 'issuer uri' I dug in deep to find the error and its being thrown by method GetIssuerName (System.IdentityModel.Tokens). Where is the problem? I googled for this issue but didn't find anything specific to my case. Does the SAML