问题
I have problem to validate the security token, i tried to use your code and other too, but when it try to validate ST I have thi error: ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry. To accept security tokens from this issuer, configure the IssuerNameRegistry to return a valid name for this issuer
i don't know hot confire the web config, can you help me?
this is the code:
//Microsoft.IdentityModel.Configuration.ServiceConfiguration serviceConfig = new Microsoft.IdentityModel.Configuration.ServiceConfiguration();
// Now read the token and convert it to an IPrincipal
System.IdentityModel.Tokens.SecurityToken theToken = null;
ClaimsIdentityCollection claimsIdentity = null;
using (XmlReader reader2 = XmlReader.Create(new StringReader(samlTokenXml)))
{
theToken = serviceConfig.SecurityTokenHandlers.ReadToken(reader2);
claimsIdentity = serviceConfig.SecurityTokenHandlers.ValidateToken(theToken);
}
IPrincipal principal = new ClaimsPrincipal(claimsIdentity);
Thank's Peppe
回答1:
WIF has the ConfigurationBasedIssuerNameRegistry class where you can map the signing thumbprint to an issuer name (of your choice).
Either new that class up programmatically and assign it to the ServiceConfiguration - or do it in web.config.
You need to know the thumbprint of the issuer though to succesfully validate the token - ask whoever sends you the token.
来源:https://stackoverflow.com/questions/21017515/web-config-convert-saml-security-token-to-claim-principal