ws-trust


Securing WCF 4.5 service using Azure ACS 2.0 [duplicate]

本秂侑毒 提交于 2019-12-18 13:48:16
问题 This question already has an answer here : Azure Active Directory and WCF [closed] (1 answer) Closed 6 years ago . How can I secure my WCF 4.5 service using Azure ACS 2.0? 回答1: Here is a basic tutorial: WCF (SOAP) Service With Federated Authentication Then you can look at samples by Dominick Baier and Brock Allen here: Thinktecture.IdentityModel.45. Also you can try to use Visual Studio tool for adding STS reference and point it to Azure ACS. AFAIK endpoint Uri is something like this for

Signed SOAP header has two BinarySecurityTokens (when in fact it could and should have one)

情到浓时终转凉″ 提交于 2019-12-13 20:24:16
问题 I'm trying to requests a security token from a STS service. The service is 3rd party, so I can't modify it, check logs, etc. The resulting request SOAP message looks almost identical to a sample request I have. It's only that there are two BinarySecurityToken elements added with identical values , while the proper request contains only one token. The SOAP message looks like this: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01

What are the security implications of establishSecurityContext=“False” and negotiateServiceCredential=“False”

泪湿孤枕 提交于 2019-12-11 08:56:11
问题 We've set establishSecurityContext="False" and negotiateServiceCredential="False" on a wsHttpBinding . In a setup where every single web service call involves connecting and disconnecting, this reduces the number of requests per web service call from 5 to 1, providing a significant performance improvement. The client has been configured to know the server identity via the identity node: <endpoint address="..." behaviorConfiguration="..." binding="wsHttpBinding" bindingConfiguration="..."

Call WCF service with issued token

荒凉一梦 提交于 2019-12-11 05:18:21
问题 I attempt the following: A WCF client calls a STS and gets SAML assertion The client calls a service using the SAML assertion Now I have implemented the scenario above as three LinqPad scripts: client.linq , sts.linq (self hosted WCF service) and service.linq (self hosted WCF service). They can all be found at https://github.com/codeape2/WCF_STS I need some help getting this to work. Using the following code in client.linq , I am able to call my STS and get a SAML assertion: SecurityToken

Azure Active Directory and WCF [closed]

余生长醉 提交于 2019-12-11 03:37:03
问题 Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 6 years ago . How can I secure a WCF service using Azure Active Directory: My Status: - My WCF service that contains the business logic is hosted on Azure WebRole. I want your help to do the following: Configure my WCF Service in Azure to federate the authentication process to Azure Active directory. Configure my WCF Client

Is identity delegation via WS-Trust/ActAs supported in ACS?

断了今生、忘了曾经 提交于 2019-12-02 08:10:53
问题 I'm just getting started with claims-based security and have a question related to identity delegation. I've managed to set up a local dummy STS and a couple of WCF services that relies on it for authentication. A web application authenticates the user via the STS and makes a call to Service A on behalf of the user (using ChannelFactory.CreateChannelActingAs). This works fine. Now I would like to use Azure Access Control Service (ACS) as a federation provider and sign in using a Google

what protocol to use with ADFS when security webapi for non-browser clients

匆匆过客 提交于 2019-12-02 04:02:06
问题 Our webapi endpoints are used for both browser based clients (angular) and non-browser based clients (restsharp) and the webapi are currently secured using passive WS-Federation as the protocol and ADFS as the STS. We currently use a rather convoluted workaround for the restsharp clients since passive WS-Federation really isn't optimal for non-browser clients so we would like to find a better way to secure our webapi endpoints for these types of clients without having to replace ADFS or add

Is identity delegation via WS-Trust/ActAs supported in ACS?

萝らか妹 提交于 2019-12-02 03:21:19
I'm just getting started with claims-based security and have a question related to identity delegation. I've managed to set up a local dummy STS and a couple of WCF services that relies on it for authentication. A web application authenticates the user via the STS and makes a call to Service A on behalf of the user (using ChannelFactory.CreateChannelActingAs ). This works fine. Now I would like to use Azure Access Control Service (ACS) as a federation provider and sign in using a Google account (or whatever) instead, getting rid of the dummy STS altogether. I'm able to authenticate to the web

How to pass a certificate to WSTrust to get Saml Token

。_饼干妹妹 提交于 2019-12-02 03:14:10
问题 Here is an example of getting tokem using WSTrustChannelFactory. From here. var stsBinding = new WS2007HttpBinding(); stsBinding.Security.Mode = SecurityMode.TransportWithMessageCredential; stsBinding.Security.Message.EstablishSecurityContext = false; stsBinding.Security.Message.NegotiateServiceCredential = false; stsBinding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate; WSTrustChannelFactory trustChannelFactory = new WSTrustChannelFactory( stsBinding , new

How to specify a certificate as the credentials for a wsTrustChannel with Thinktecture IdentityServer

佐手、 提交于 2019-11-30 09:31:26
问题 I would have thought that one could basically switch the client credentials from this: var clientCredentials = new ClientCredentials(); clientCredentials.UserName.UserName = "MyUserName" clientCredentials.UserName.Password = "MyPassword" to: var clientCredentials = new ClientCredentials(); clientCredentials.ClientCertificate.Certificate = myX509Certificate; and then create a wsTrustChannel to get a security token. wsTrustChannelFactory.SetCredentials(clientCredentials); var channel =

工具导航Map