
Implementing Passive STS in ASP.NET

I have installed WIF Runtime and WIF SDK v4.0 and created an "ASP.NET Security Token Service Web Site" in Visual Studio 2010 (see this link).

When I run the site, type in any username/password combo, and press "Submit", I get the following exception:

The action < EMPTY > (Request.QueryString['wa']) is unexpected. Expected actions are: 'wsignin1.0' or 'wsignout1.0'.

So a few things:

  • I realize I have no relying party (aka. client application), but is this necessary to test the site?
  • I'm probably missing a few steps (such as creating a client app). What steps am I missing?

I have a six part tutorial on writing your custom STS, starting here (first three are enough for you):

http://netpl.blogspot.com/2011/08/adfs-20-quest-for-customizing-adfs-sign.html

http://netpl.blogspot.com/2011/08/quest-for-customizing-adfs-sign-in-web.html

http://netpl.blogspot.com/2011/08/quest-for-customizing-adfs-sign-ing-web.html

In short - yes. You need a RP which redirects to your STS with proper wa (for example wsignin1.0). This is done either with the WSFederationAuthenticationModule or wif:FederatedPassiveSignIn control at the RP side.

Writing your own RP is really easy and I can't think of testing your STS without valid requests from a RP.
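The request the answer describes, as an added example that is not part of the original posts and is not WIF's own code: a console program that builds the wsignin1.0 redirect a relying party sends and shows why opening the STS page directly yields the empty-wa error. The URLs, the realm allow-list check and the names WsFedProbe, BuildSignInUrl and Describe are assumptions for illustration; wtrealm and wreply are the standard WS-Federation passive parameters.

```csharp
using System;
using System.Web; // HttpUtility.ParseQueryString

static class WsFedProbe
{
    // The two actions the exception message on this page lists as expected.
    static readonly string[] ExpectedActions = { "wsignin1.0", "wsignout1.0" };

    // Build the redirect a relying party issues for a passive sign-in.
    static string BuildSignInUrl(string stsUrl, string realm, string reply)
    {
        return stsUrl
            + "?wa=wsignin1.0"
            + "&wtrealm=" + Uri.EscapeDataString(realm)
            + "&wreply=" + Uri.EscapeDataString(reply);
    }

    // Describe how an STS page would see a given request URL.
    static string Describe(string url, string[] knownRealms)
    {
        var query = HttpUtility.ParseQueryString(new Uri(url).Query);
        string wa = query["wa"];
        if (string.IsNullOrEmpty(wa))
            return "no wa: direct visit, not a federation request";
        if (Array.IndexOf(ExpectedActions, wa) < 0)
            return "unexpected wa: " + wa;
        // Added check (assumption): only issue tokens to realms the STS knows.
        if (wa == "wsignin1.0" && Array.IndexOf(knownRealms, query["wtrealm"]) < 0)
            return "sign-in for unknown realm: refuse to issue a token";
        return "valid " + wa + " request";
    }

    static void Main()
    {
        // Constructed sample values, not from the original post.
        string sts = "https://localhost:44300/STS/Default.aspx";
        string rp = "https://localhost:44301/RP/";
        string[] knownRealms = { rp };

        // Running the STS site on its own, as in the question: no wa at all.
        Console.WriteLine(Describe(sts, knownRealms));
        // What a relying party would send.
        Console.WriteLine(Describe(BuildSignInUrl(sts, rp, rp), knownRealms));
        // Well-formed request, but for a realm the STS was never configured for.
        Console.WriteLine(Describe(BuildSignInUrl(sts, "https://other.example/", rp), knownRealms));
    }
}
```

Pasting the URL from BuildSignInUrl into a browser, with the STS and realm values replaced by your own, sends the STS page a sign-in request without a full relying party in place.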
