I am working with saml token for the first time. If I passed authentication and received the saml token from a 3rd party id provider, where is the saml token stored when I landed back to my page (default.aspx)??
View Complete Post
I have an IDispatchMessageInspector which is deserializing a SAML Token contained in the SOAP message header.
To do the deserialization I am using the following code:
List<SecurityToken> tokens = new List<SecurityToken>();
SecurityTokenResolver outOfBandTokenResolver = SecurityTokenResolver.CreateDefaultSecurityTokenResolver(new ReadOnlyCollection<SecurityToken>(tokens), true);
SecurityToken token = WSSecurityTokenSerializer.DefaultInstance.ReadToken(xr, outOfBandTokenResolver);
The problem I am seeing is that the performance of the ReadToken call varies depending on the account that is running the windows service (in which the WCF service is hosted).
If the service is running as a windows domain account the elapsed time for the ReadToken call is virtually zero. When running as a local machine account the call takes about 1 second.
Can anyone shed any light on what is going on here and why the account running this bit of code makes a difference as to its performance?
I am connecting SharePoint 2010 to SAP. I am using CBA from SAML. When user logs in for the first time in SharePoint, he/she would get the SAML token, after this should we use the same SAML token and propagate it to WCF and SAP or impersonate the logged
in user with SAP user id?
I have a WPF client which request a SAML token from the STS. After receiving the SAML token the WPF client sends the SAML token as part of the request header to the WCF data service. At the WCF data service level the request is interpreted by the Authorisation
manager. I wanted to know is there any way to parse and authenticate this SAML token at the service level that its a valid saml token.
A Security Token Service, or STS, acts as a security gateway to authenticate callers and issue security tokens carrying claims that describe the caller. See how you can build a custom STS with the "Geneva" Framework.
Michele Leroux Bustamante
MSDN Magazine January 2009