sts-securitytokenservice

CryptographicException KeySet does not exists

阅读更多关于 CryptographicException KeySet does not exists

问题 I am using Thinktecture Identity server and running it in azure. The issue I am having is that sometimes when I read the Federation metadata XML file or while signing in I get this Keyset does not exists CryptoGraphic exception . Now i know these exceptions can be caused if we do not have proper permissions but the thing is that it just happens sometimes and other times it is working fine. I am not sure how to debug this. Can someone please lead me in some direction. Also if someone has any

Where Federation authentication token is saved [WIF STS]?

阅读更多关于 Where Federation authentication token is saved [WIF STS]?

问题 While i started to explore WIF, i have a doubt on the following: In the Windows Identification Foundation[WIF],looking on to Security Token Service[STS], i wish to know where the federation authentication token is being saved? I think its in browser cookie, if so can anyone please give me a insight about it? 回答1: I used the 'Fiddler' Web debugger to find the answer to this question. Here's what happens: Let's suppose that the name of your application is SecureApp and the name of your STS is

Using STS and WCF having issue with unsecured or incorrectly secured fault exception

阅读更多关于 Using STS and WCF having issue with unsecured or incorrectly secured fault exception

问题 I'm working with a couple of WCF services all secured using WIF and a STS provider (all using out of the box Microsoft code and examples). These services were all built using .NET 3.5 and have all been recently updated to .NET 4.0. ALL .dlls associated with the services have been updated to 4.0 as well. These services had worked as-is for years until I updated the framework versions. The problem is now when a call is made to a WCF service that secured by the STS WCF service, there is an error

Looking for a secure and robust STS implementation

阅读更多关于 Looking for a secure and robust STS implementation

问题 I am faced with a project that uses custom authentication via a WCF service that returns a set of claims based on some data identifying a user, close to user name and password. Then on top of this, I have a custom STS, derived from Microsoft.IdentityModel.SecurityTokenService , that resides in an ASP.NET web site project. This project looks like it was created with the VS2010 template, and not carefully had-crafted. My gut feeling, and lots of on-line advice tell me that this web site STS

Owin WS-Federation setting up token sliding expiration

阅读更多关于 Owin WS-Federation setting up token sliding expiration

问题 Can somebody explain how to implement sliding expiration using the new Owin WS-Federation plugin? On the client side, at WS-Fedeartion configuration I see that there are some events like : Notifications = new WsFederationAuthenticationNotifications { SecurityTokenReceived = ..., AuthenticationFailed = ..., RedirectToIdentityProvider = ..., MessageReceived = ..., SecurityTokenValidated = .... }, But because the lack of documentation I can't really figure it out where an how? At the moment my

Looking for a secure and robust STS implementation

阅读更多关于 Looking for a secure and robust STS implementation

I am faced with a project that uses custom authentication via a WCF service that returns a set of claims based on some data identifying a user, close to user name and password. Then on top of this, I have a custom STS, derived from Microsoft.IdentityModel.SecurityTokenService , that resides in an ASP.NET web site project. This project looks like it was created with the VS2010 template, and not carefully had-crafted. My gut feeling, and lots of on-line advice tell me that this web site STS project is very far from production ready. I am now looking for an MVC based STS that I can use in

Owin WS-Federation setting up token sliding expiration

阅读更多关于 Owin WS-Federation setting up token sliding expiration

Can somebody explain how to implement sliding expiration using the new Owin WS-Federation plugin? On the client side, at WS-Fedeartion configuration I see that there are some events like : Notifications = new WsFederationAuthenticationNotifications { SecurityTokenReceived = ..., AuthenticationFailed = ..., RedirectToIdentityProvider = ..., MessageReceived = ..., SecurityTokenValidated = .... }, But because the lack of documentation I can't really figure it out where an how? At the moment my STS is issuing tokens with absolute expiration : protected override Lifetime GetTokenLifetime(Lifetime

WIF STS ID3242: The security token could not be authenticated or authorized

阅读更多关于 WIF STS ID3242: The security token could not be authenticated or authorized

问题 I'm getting the following error in my client application when it tries to authenticate to my service: ID3242: The security token could not be authenticated or authorized Here is the configuration of the client: <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.serviceModel> <bindings> <ws2007HttpBinding> <binding name="stsBinding"> <security mode="Message"> <message clientCredentialType="UserName" establishSecurityContext="false" negotiateServiceCredential="true"/> </security> <

WIF STS ID3242: The security token could not be authenticated or authorized

阅读更多关于 WIF STS ID3242: The security token could not be authenticated or authorized

I'm getting the following error in my client application when it tries to authenticate to my service: ID3242: The security token could not be authenticated or authorized Here is the configuration of the client: <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.serviceModel> <bindings> <ws2007HttpBinding> <binding name="stsBinding"> <security mode="Message"> <message clientCredentialType="UserName" establishSecurityContext="false" negotiateServiceCredential="true"/> </security> </binding> </ws2007HttpBinding> <ws2007FederationHttpBinding> <binding name="echoClaimsBinding">