We have implemented a federation server which works fine in most cases. It relies on ws2007HttpBinding and implements an extension of UserNameSecurityTokenHandler (called CustomSecurityTokenHandler). On our LAN, all works fine.
However, we have the following scenarios which fails :
1) Instead of the local LAN, the server is deployed on Amazon EC2. The client is a WPF application which connects to the server. When the client is installed on pc within a workgroup, the connection is fine.
2) When the PC is located in a AD domain however, we cannot connect. This does not seem to be due to network issues : the connection to EC2 is still ok, we indeed connect to the federation provider, but never enter into the CustomSecurityTokenHandler.
So it looks as if the server was correctly configured for our local LAN, but suddenly gets stuck when the server is on some external network and the client calls from our local domain.
There's probably some kind of remove section in the configuration to do, but I don't see where.
I already have :
<microsoft.identityModel>
<service>
<securityTokenHandlers>
<remove type="Microsoft.IdentityModel.Tokens.WindowsUserNameSecurityTokenHandler, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
<add type="MyOwnFP.Federation.CustomSecurityTokenHandler, MyOwnFP.Federation"/>
Any idea would be most welcome.
