Implementing Passive STS in ASP.NET
https://stackoverflow.com/questions/10852374
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPregunta
I have installed WIF Runtime and WIF SDK v4.0 and created an "ASP.NET Security Token Service Web Site" in Visual Studio 2010 (see this link).
When I run the site, type in any username/password combo, and press "Submit", I get the following exception:
The action < EMPTY > (Request.QueryString['wa']) is unexpected. Expected actions are: 'wsignin1.0' or 'wsignout1.0'.
So a few things:
- I realize I have no relying party (aka. client application), but is this necessary to test the site?
- I'm probably missing a few steps (such as creating a client app). What steps am I missing?
Solución
I have a six part tutorial on writing your custom STS, starting here (first three are enough for you):
http://netpl.blogspot.com/2011/08/adfs-20-quest-for-customizing-adfs-sign.html
http://netpl.blogspot.com/2011/08/quest-for-customizing-adfs-sign-in-web.html
http://netpl.blogspot.com/2011/08/quest-for-customizing-adfs-sign-ing-web.html
In short - yes. You need a RP which redirects to your STS with proper wa (for example wsignin1.0). This is done either with the WSFederationAuthenticationModule or wif:FederatedPassiveSignIn control at the RP side.
Writing your own RP is really easy and I can't think of testing your STS without valid requests from a RP.
