Using WIF & ADFS to retrieve claims about a user
Question
Short Background: Currently my situation is such that I have a service (WCF) of which I do NOT control the WSDL/Interface. When the client calls "Submit" the user passes credientals. I then want to use those credentials to authenticate against ADFS and receive encrypted claims. Once I have these claims back as a RequestSecurityTokenResponse I have the RequestSecurityTokenResponse.SecurityTokenXml available (an encrypted XmlElement). It seems the RequestSecurityTokenResponse.SecurityToken is null (perhaps only one or the other is returned?)
Note: Because I do not control the WSDL, I am not forcing the user to authenticate in order to use the service, but rather using the credentials they send with a request to authenticate. This means I am doing this in code rather than in Config. I can post sample code if it is needed.
Questions:
- Does this sound like a reasonable approach given the circumstances?
- How would I decrypt this XmlElement with the certificate?
- Should I not encrypt the token?
1 answers
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.