wif

I'm getting the following error in my client application when it tries to authenticate to my service: ID3242: The security token could not be authenticated or authorized Here is the configuration of the client: <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.serviceModel> <bindings> <ws2007HttpBinding> <binding name="stsBinding"> <security mode="Message"> <message clientCredentialType="UserName" establishSecurityContext="false" negotiateServiceCredential="true"/> </security> </binding> </ws2007HttpBinding> <ws2007FederationHttpBinding> <binding name="echoClaimsBinding">

I need to generate and issue a token to clients based on username/password authentication. I've tried several approaches to solving this problem, but all of them have run into issues. My first plan was to implement WS-Trust Issue on my WCF endpoint. The example I found which did this used: [OperationContract(Action = "http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue", ReplyAction = "http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue")] Message IssueToken(Message rstMessage); However, the changes to WIF in 4.5 to integrate it into the .NET Framework proper have broken the rest of the

I am using Windows Identity Foundation. (With some MVC 2.0 sites) I am having real problem signing someone out of all the sites protected by WIF. It looks like my sign out is only signing people out on the current site. This is my code public void FederatedSignOut(string replyUrl) { var authModule = FederatedAuthentication.WSFederationAuthenticationModule; WSFederationAuthenticationModule.FederatedSignOut(new Uri(authModule.Issuer), new Uri(replyUrl)); } After running this code i can still browse to any other sites that the user has visited. But i am logged out of the site i signed out of.

When adding an STS reference, I input the my windows azure federation metadata URL and it gives me the error in the title. It works if I create a new namespace, but a lot of stuff is configured on the current namespace, so I can't delete it. So for anyone that would get this error, it's a simple fix. You need a X.509 certificate configured as primary in your ACS namespace. To do this you go under your acs configurations, in certificates and keys then you add a X.509 by uploading a .pfx file to the server and entering the password. You might also need a symmetric key also set as primary

When using sliding sessions in WIF with the session authentication module (SAM) and Thinktecture IdentityModel as described in brockallen's blog . The session security token issued and written to the cookie has it's "valid to" extended as required and the cookie is set accordingly. But, the BootStrapToken serialized to the current claims Identity remains the old one, with the potentially expired token. This causes problems when trying to use the bootstrap context token for different reasons (among them could be Implementing “Poor Man”’s Delegation ) . What is the best way to update the

I am also getting a request validation error when using WIF. I get correctly sent to the STS, but on the way back, I get this validation error. I followed all the instructions. <httpRuntime requestValidationMode="2.0" /> check! [ValidateInput(false)] check! <pages validateRequest="false" > check! I tried a custom validator, but it never gets instantiated. Error stack: [HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (wresult="trust:RequestSecuri...").] System.Web.HttpRequest.ValidateString(String value, String collectionKey,