Question

I have a custom STS made in WIF that works as an IDP and now I need to configure SSO to a Service Provider made in SimpleSamlPHP. (The SP only supports Post Binding and Web Browser SSO Profile.)

Any idea on how I should approach this requirement? Does WIF support Post Binding and SAML 2.0?

Any idea will be greatly appreciated. Thanks!


Solution

As per @Wiktor, there is no SAML support in WIF.

But you need the server side of the SAML stack, not the client side.

Your best bet may be to put ADFS v2.0 in the middle and use it as a broker to provide the SAML support.

If you want SAML support, vote here.

Other answers

WIF has no restrictions on bindings; it is just a set of APIs that makes it easier to develop IdPs and SPs. What people usually do is they implement redirect binding on the service provider and post binding on the identity provider - all books and tutorials I've read are like this. This means that the service provider should redirect to the identity provider with wa=wsignin1.0 and the identity provider responds with a form containing the token posted to the service provider.

However, I don't see any obvious reasons you would not be able to implement post bindings for both sides.

As far as I know, there is still no SAML2 protocol support for WIF apart from a CTP that hasn't been updated for ages. If your service needs SAML2, you'd have to take a look at some commercial implementations, like the one from ComponentSpace.
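
The exchange described in the answer above (redirect to the identity provider with wa=wsignin1.0, token returned in an auto-posted form), shown as an added protocol-level example in Python; it is not part of the original posts and is not WIF code. The host names, the realm and the `REGISTERED_RPS` table are constructed assumptions; `wtrealm`, `wctx` and `wresult` are the standard WS-Federation passive parameters.

```python
import html
from urllib.parse import urlencode, urlparse, parse_qs

# Constructed sample values; hosts and realm are placeholders, not from the posts.
IDP_ENDPOINT = "https://idp.example.test/sts"
REGISTERED_RPS = {  # realm -> the only reply URL the IdP will post tokens to
    "urn:example:sp": "https://sp.example.test/signin",
}

def build_signin_redirect(realm, context):
    """SP side (redirect binding): URL the browser is sent to at the IdP."""
    query = urlencode({"wa": "wsignin1.0", "wtrealm": realm, "wctx": context})
    return f"{IDP_ENDPOINT}?{query}"

def build_post_response(request_url, token_xml):
    """IdP side (POST binding): auto-submitting form that carries the token."""
    params = {k: v[0] for k, v in parse_qs(urlparse(request_url).query).items()}
    if params.get("wa") != "wsignin1.0":
        raise ValueError("not a WS-Federation sign-in request")
    realm = params.get("wtrealm", "")
    if realm not in REGISTERED_RPS:
        raise ValueError("unknown relying party")
    # Post only to the registered address, never to a caller-supplied wreply.
    action = REGISTERED_RPS[realm]
    fields = {"wa": "wsignin1.0", "wresult": token_xml,
              "wctx": params.get("wctx", "")}
    # Escape every value: the token is XML and wctx is caller-controlled.
    inputs = "".join(
        f'<input type="hidden" name="{html.escape(k)}" value="{html.escape(v)}"/>'
        for k, v in fields.items())
    return (f'<html><body onload="document.forms[0].submit()">'
            f'<form method="post" action="{html.escape(action)}">{inputs}'
            f'</form></body></html>')

if __name__ == "__main__":
    url = build_signin_redirect("urn:example:sp", "rm=0&ru=/orders")
    print(url)
    print(build_post_response(url, "<t:RequestSecurityTokenResponse/>"))
```

The service provider must still validate the signature, audience and lifetime of the token it receives in `wresult` before trusting it.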

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow