Unsigned SAML 2.0 Support for WCF on .Net 4.0
-
02-10-2019 - |
Pergunta
Can someone please let me know if unsigned SAML 2.0 or 1.1 is natively supported on WCF .Net 4.0. I know that Signed SAML 1.1 is natively supported on WCF and SAML 2.0 is natively supported on WIF but I am not able to find any material regarding unsigned SAML.
Solução
Not natively. The out of the box SAML 1.1 and SAML 2.0 token handlers sign the tokens. To supoort unsigned tokens you need to create your own token handlers that inherit from
Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler
Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler
override the signiture creation/validation methods, there is a bunch of them, and do nothing in your case. The problem is that you need to control the STS services that issue tokens to you as well which might be difficult if they are not under your control.
Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow