堆栈内存溢出
  简体   繁体   English

具有Windows身份验证/当前登录用户的C#ADFS SAML令牌

[英]C# ADFS SAML token with Windows Auth / Current logged in user

 原文  2017-01-26 20:42:14       c#/ saml/ adfs

问题描述

How do I generate a SAML token without using credentials again? 如何在不再次使用凭据的情况下生成SAML令牌?

Scenario: I am trying to send a SAML token to SAP web service. 场景:我正在尝试将SAML令牌发送到SAP Web服务。 Since multiple users will be using this application I do not want to ask them for credentials but instead get them from current machine windows credentials and generate a SAML token. 由于多个用户将使用此应用程序,因此我不想向他们询问凭据,而是从当前的计算机窗口凭据中获取它们并生成SAML令牌。

This is what is currently being used in my code. 这就是我的代码中当前正在使用的内容。 

factory.Credentials.UserName.UserName = "bob";
factory.Credentials.UserName.Password = "abc!123";

// create token request
var rst = new RequestSecurityToken
{
    RequestType = RequestTypes.Issue,
    KeyType = KeyTypes.Symmetric,
    AppliesTo = new EndpointReference(_serviceAddress.AbsoluteUri)
};

1 个解决方案

解决方案1
 0  2018-05-31 17:28:43

I use this method in my code to pass through the credentials of the logged in user to our ADFS server for single-sign in to O365 from the applications I write; 我在代码中使用此方法将登录用户的凭据传递到我们的ADFS服务器,以便从我编写的应用程序单次登录O365; you might be able to adapt the code to suit your purposes: 您可能可以修改代码以适合您的目的: 

    private GenericXmlSecurityToken NewGetAdfsSamlTokenWinAuth()
    {
        try
        {
            WS2007HttpBinding binding = new WS2007HttpBinding(SecurityMode.Transport);
            binding.Security.Message.EstablishSecurityContext = false;
            binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
            WSTrustChannelFactory factory = new WSTrustChannelFactory((binding), new EndpointAddress(this.adfsIntegratedAuthUrl));
            factory.TrustVersion = TrustVersion.WSTrustFeb2005;
            factory.Credentials.SupportInteractive = false;
            var rst = new RequestSecurityToken
            {
                RequestType = RequestTypes.Issue,
                AppliesTo = new EndpointReference("urn:federation:MicrosoftOnline"),
                KeyType = KeyTypes.Bearer
            };
            IWSTrustChannelContract channel = factory.CreateChannel();
            return channel.Issue(rst) as GenericXmlSecurityToken;
        }
        catch (Exception ex)
        {
            // Do something with the exception
        }
        return null;
    }

This will return a GenericXmlSecurityToken which has a TokenXml.OuterXml property that contains the SAML assertion. 这将返回一个GenericXmlSecurityToken,它具有一个包含SAML断言的TokenXml.OuterXml属性。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何通过C#获取通过ADFS和SAML登录到网站的特定用户的AD组列表信息? - How can get in C# the AD group list information for a specific user who has logged into a website through ADFS and SAML? 是否可以使用来自ADFS服务器的自定义c#模块将声明插入SAML令牌中? - Is it possible to inject claims into a SAML token using a custom c# module from an ADFS server? 使用Windows凭据从ADFS获取SAML令牌 - Getting SAML token from ADFS using windows credentials 获取Windows用户登录的C#ASP - Get windows user logged C# ASP 如何验证ADFS SAML令牌 - How to validate ADFS SAML token 如何从 ADFS 服务器获取 SAML 令牌以从 C# 中的动态 CRM 本地(非 sdk)中提取数据? - How to get a SAML token from ADFS sever to pull data from dynamics CRM on-premises (non-sdk) in c#? 闲置30分钟后,使用ADFS身份验证登录的用户将重定向到ADFS服务器 - User logged in using ADFS auth is getting redirected to ADFS server after 30 minutes of idle time 在 c# windows 服务中访问当前登录用户下载文件夹 - Access Current logged in Users download folder in c# windows service 如何获取已登录用户的联合令牌-Razor网站C# - How to get the Federated token of a logged in user - Razor site c# 登录用户而不是运行程序C#,Windows的用户 - Getting logged in user not the user running the program C#, Windows
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM