C# ADFS SAML token with Windows Auth / Current logged in user
How do I generate a SAML token without using credentials again?
Scenario: I am trying to send a SAML token to SAP web service. Since multiple users will be using this application I do not want to ask them for credentials but instead get them from current machine Windows credentials and generate a SAML token.
This is what is currently being used in my code.
    factory.Credentials.UserName.UserName = "bob";
    factory.Credentials.UserName.Password = "abc!123";
    // create token request
    var rst = new RequestSecurityToken
    {
        RequestType = RequestTypes.Issue,
        KeyType = KeyTypes.Symmetric,
        AppliesTo = new EndpointReference(_serviceAddress.AbsoluteUri)
    };
I use this method in my code to pass through the credentials of the logged in user to our ADFS server for single-sign in to O365 from the applications I write; you might be able to adapt the code to suit your purposes:
    // Namespaces used below (.NET Framework 4.5+):
    // using System.IdentityModel.Protocols.WSTrust;
    // using System.IdentityModel.Tokens;
    // using System.ServiceModel;
    // using System.ServiceModel.Security;

    private GenericXmlSecurityToken NewGetAdfsSamlTokenWinAuth()
    {
        try
        {
            // HTTPS transport security; no WS-SecureConversation session
            WS2007HttpBinding binding = new WS2007HttpBinding(SecurityMode.Transport);
            binding.Security.Message.EstablishSecurityContext = false;
            binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
            WSTrustChannelFactory factory = new WSTrustChannelFactory(binding, new EndpointAddress(this.adfsIntegratedAuthUrl));
            factory.TrustVersion = TrustVersion.WSTrustFeb2005;
            // Never prompt the user interactively for credentials
            factory.Credentials.SupportInteractive = false;
            var rst = new RequestSecurityToken
            {
                RequestType = RequestTypes.Issue,
                AppliesTo = new EndpointReference("urn:federation:MicrosoftOnline"),
                // Bearer: no proof key is bound to the issued token
                KeyType = KeyTypes.Bearer
            };
            IWSTrustChannelContract channel = factory.CreateChannel();
            return channel.Issue(rst) as GenericXmlSecurityToken;
        }
        catch (Exception ex)
        {
            // Do something with the exception
        }
        return null;
    }
This will return a GenericXmlSecurityToken which has a TokenXml.OuterXml property that contains the SAML assertion.
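An added example, not part of the original answer: one way to sanity-check the assertion in TokenXml before forwarding it, confirming that it is inside its validity window and was issued for the relying party named in AppliesTo. The class, method and parameter names and the five-minute clock-skew allowance are assumptions; it does not verify the signature, which remains the relying party's job.

```csharp
using System;
using System.Globalization;
using System.IdentityModel.Tokens;
using System.Linq;
using System.Xml.Linq;

// Hypothetical helper: client-side checks on the token returned by channel.Issue(rst).
public static class SamlAssertionCheck
{
    // expectedAudience: the AppliesTo value that was sent in the RequestSecurityToken.
    public static void EnsureUsable(GenericXmlSecurityToken token, string expectedAudience)
    {
        if (token == null) throw new ArgumentNullException(nameof(token));
        XElement root = XElement.Parse(token.TokenXml.OuterXml);

        // An encrypted token is opaque to the client; only the relying party can read it.
        if (root.Name.LocalName.StartsWith("Encrypted", StringComparison.Ordinal))
            throw new InvalidOperationException("Token is encrypted; it cannot be inspected client-side.");

        // Match on local names so SAML 1.1 and SAML 2.0 assertions are both handled.
        XElement conditions = root.Elements().FirstOrDefault(e => e.Name.LocalName == "Conditions");
        if (conditions == null)
            throw new InvalidOperationException("Assertion has no Conditions element.");

        DateTime now = DateTime.UtcNow;
        TimeSpan skew = TimeSpan.FromMinutes(5); // assumed clock-skew allowance
        DateTime notBefore = ParseUtc(conditions, "NotBefore");
        DateTime notOnOrAfter = ParseUtc(conditions, "NotOnOrAfter");
        if (now + skew < notBefore || now - skew >= notOnOrAfter)
            throw new InvalidOperationException("Assertion is outside its validity window.");

        // The audience must be exactly the relying party the token was requested for.
        bool audienceOk = conditions.Descendants()
            .Where(e => e.Name.LocalName == "Audience")
            .Any(e => string.Equals(e.Value.Trim(), expectedAudience, StringComparison.Ordinal));
        if (!audienceOk)
            throw new InvalidOperationException("Assertion was not issued for " + expectedAudience);
    }

    private static DateTime ParseUtc(XElement conditions, string attribute)
    {
        string raw = (string)conditions.Attribute(attribute);
        if (raw == null) throw new InvalidOperationException("Conditions lacks " + attribute);
        return DateTime.Parse(raw, CultureInfo.InvariantCulture,
            DateTimeStyles.AssumeUniversal | DateTimeStyles.AdjustToUniversal);
    }
}
```

Because the request uses KeyTypes.Bearer, anyone holding the assertion can present it until NotOnOrAfter, so keep TokenXml out of logs and exception messages.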