使用WIF和ADFS检索有关用户的声明
[英]Using WIF & ADFS to retrieve claims about a user
问题描述
Short Background: Currently my situation is such that I have a service (WCF) of which I do NOT control the WSDL/Interface. 
简短的背景:目前我的情况是这样的,我有一个服务(WCF),其中我不控制WSDL /接口。 When the client calls "Submit" the user passes credientals. 当客户呼叫“提交”时,用户将通过证书。 I then want to use those credentials to authenticate against ADFS and receive encrypted claims. 然后,我想使用这些凭据对ADFS进行身份验证并接收加密的声明。 Once I have these claims back as a RequestSecurityTokenResponse I have the RequestSecurityTokenResponse.SecurityTokenXml available (an encrypted XmlElement). 一旦将这些声明作为RequestSecurityTokenResponse返回,我就可以使用RequestSecurityTokenResponse.SecurityTokenXml(加密的XmlElement)。 It seems the RequestSecurityTokenResponse.SecurityToken is null (perhaps only one or the other is returned?) 似乎RequestSecurityTokenResponse.SecurityToken为null(可能仅返回一个或另一个?)
Note: Because I do not control the WSDL, I am not forcing the user to authenticate in order to use the service, but rather using the credentials they send with a request to authenticate. 注意:因为我不控制WSDL,所以我不是在强迫用户进行身份验证以使用该服务,而是使用用户发送的带有身份验证请求的凭据。 This means I am doing this in code rather than in Config. 这意味着我是在代码中而不是在Config中执行此操作。 I can post sample code if it is needed. 如果需要,我可以发布示例代码。
Questions: 问题:
- Does this sound like a reasonable approach given the circumstances? 在特定情况下,这听起来像是一种合理的方法吗?
- How would I decrypt this XmlElement with the certificate? 如何使用证书解密此XmlElement?
- Should I not encrypt the token? 我不应该加密令牌吗?
1 个解决方案
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.