0

I'm trying to implement claims transformation module using the steps in this link.

I have 2 issues-

  1. I couldn't find this dll ("System.Web.Security.SingleSignOn.ClaimTransforms.dll") any where in the ADFS server even after hooking up the Active directory to the ADFS and activating the ADFS role on the server.

  2. At one point in this article it says that I need to copy my assembly to the directory "\adfs\sts\bin". But under the adfs directory I cannot find the sts directory at all.

Any help with these 2 issues are greatly appreciated! Please let me know if you need more clarity on the questions.

I already looked at this post but did not fix my issue.

Thanks,
Ady.

ady
  • 127
  • 1
  • 1
  • 11

1 Answers1

1

Oops that is an ADFS1.x reference! Look at ClaimsRule Language and/or Custom Attribute store for implementing Claims transformation in ADFS 2.x or above.

ady
  • 127
  • 1
  • 1
  • 11
paullem
  • 1,261
  • 7
  • 8
  • paullem- Thanks for your reply and I think this answers my question. One more different question I have is, We have a REST based API in our enterprise that gives us the list of coarse-grained claims that we want to inject into the adfs token before passing onto the application. Do you (or) anyone know if making a rest call is possible using this Claims rule language ? – ady Jul 22 '14 at 02:20
  • Adding claims can only be done (by us) in the incoming Token or in a Custom Attribute store. The latter approach will need a search key from the incoming claims, use that to query your REST API and add the claims. – paullem Jul 22 '14 at 07:59
  • Thanks paullem. I think I got that part of getting a search key from my incoming claims. But do you know how can I actually make a call to the REST API using this claims rule language ? Any sample code would be appreciated. – ady Jul 22 '14 at 14:11
  • In the Custom Attribute Store assembly you are a regular .NET assembly. Do the same calls as you would do normally (yes, that simple). But this time it must be asynchronous. Otherwise you will exhaust the ADFS threadpool. – paullem Jul 22 '14 at 17:33
  • paullem - Perfect. Thanks! Finally I'm able to successfully make a call to my RESTful API from the Custom Attribute store using your above suggestions. Thanks alot for your timely help. – ady Jul 24 '14 at 04:33