While trying to learn the ADFS 2.0 environment, I created an empty ASP.NET Claims aware application to be the RP using Visual Studio 2010.
using ADFS 2.0 I did the following:
Now I did the following steps:
The ADFS 2.0 now, redirects me to the URL configured for the IDP and a SAMLRequest is attached to the request. (which is great)
However, The SAML Request arrived to IDP does not contain any ACS URL (More techninally, there is no XML node of "AssertionConsumerServiceURL"),
Isn't ACS URL is mandatory attribute in SAML Request?
Thanks ! Yoash
No, the ACS URL is not a mandatory attribute in a SAML 2.0 AuthnRequest. This information is typically exchanged in the meta-data when you setup the trust relationship between the IDP and SP. This simplifies the security check the IDP must do if the ACS URL or ACS Index is present (must be the same as the meta-data or AuthnRequest MUST be digitally signed).
We've done quite a bit of interop work with MS WIF/WCF Claims aware applications via our STS as well as SAML 2.0 with ADFSv2 if you'd like some more information.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.