问题
I have the following:
- A website ASP.Net application acting as an Identity Provider (IDP STS)
- Federation Provider (FP STS)
- A Resource ASP.NET MVC WebSite acting as (RP)
when trying to access a Resource in RP, it goes thru the FP STS and gets redirected to IDP STS. User puts their credentials and upon validity of that, IDP provides some claims that are passed to FP STS and then sent back to RP. on the RP side, claims are received and resource is proivded. How do i make additional claim requests from RP?
Any suggestions or direction would be great! Thank you,
回答1:
The FP should provide the claims you need, whether by trasnforming the claims it gets from the IdP or by adding any missing ones.
In the classic setting, the FP knows about all the claims needed by the RPs that trust in it.
Is anything preventing you from getting those?
Sometimes, provinding all claims needed at once is not possible. For example, some eventually needed claims for a user might be to expensive to obtain and they might not be actually needed. In those situations, you can use this techinque: http://msdn.microsoft.com/en-us/library/ee517290.aspx
(Caveat: I haven't implemented or used it)
来源:https://stackoverflow.com/questions/3638471/how-do-i-request-additional-claims-from-passive-sts-with-wif