Questions tagged [ws-trust]

WS-Trust is a WS-* specification and OASIS standard that provides extensions to WS-Security

WS-Trust is a WS-* specification and OASIS standard that provides extensions to WS-Security, specifically dealing with the issuing, renewing, and validating of security tokens, as well as with ways to establish, assess the presence of, and broker trust relationships between participants in a secure message exchange.

WS-Trust defines a number of new elements, concepts and artifacts in support of that goal, including:

the concept of a Security Token Service (STS) - a web service that issues security tokens as defined in the WS-Security specification.
the formats of the messages used to request security tokens and the
responses to those messages.
mechanisms for key exchange

http://en.wikipedia.org/wiki/WS-Trust

94 questions

votes

0 answers

Web Service issue content type text/html does not match the content type of the binding application/soap+xml

I am working with ADFS, and the server URL is: https://domainname/adfs/ls When i have consumed this in my .net application (framework 4.6) using WSTrust trick by adding an asmx file in the solution with the following code snippet var stsEndpoint =…

asked Jan 17 '18 at 12:38

user1691894

votes

1 answer

WCF channel from CreateChannelWithIssuedToken still sending 'requestsecuritytoken' request

Using .Net 4.5 and generated a SAML2 token using WIF identity classes and trying to add it to the soap body request but its being ignored and soap request generated is actually has 'requestsecuritytoken' soap request which is going to the server. I…

c# wcf wif saml-2.0 ws-trust

asked Apr 20 '16 at 15:39

sonu131

votes

1 answer

ADFS Authentication using PHP

I'm not friendly with Microsoft's architecture but I have to implement an ADFS Authenfication on a website. I decided to use WS-Trust to solve it. So first, I send a RST (Request Security Token) to…

php sharepoint adfs ws-trust

asked Jul 22 '15 at 14:17

Dr. Z

votes

3 answers

Implement Office 365 styled Basic Authentication (Active Profile)

I'm working on a SaaS application built around ASP.net MVC & WebAPI and want to make it easy for enterprises to use my service. Example would be Office 365 Basic Authentication (Active Profile) where the user enters his username/password on…

asp.net wif adfs ws-federation ws-trust

asked Jun 29 '15 at 02:10

tunafish24

2,288
6
28
47

votes

1 answer

what protocol to use with ADFS when security webapi for non-browser clients

Our webapi endpoints are used for both browser based clients (angular) and non-browser based clients (restsharp) and the webapi are currently secured using passive WS-Federation as the protocol and ADFS as the STS. We currently use a rather…

asp.net-web-api adfs ws-federation ws-trust

asked Apr 12 '15 at 18:35

Andrew

votes

2 answers

How to pass a certificate to WSTrust to get Saml Token

Here is an example of getting tokem using WSTrustChannelFactory. From here. var stsBinding = new WS2007HttpBinding(); stsBinding.Security.Mode = SecurityMode.TransportWithMessageCredential; stsBinding.Security.Message.EstablishSecurityContext =…

wcf wif saml ws-trust

asked Nov 05 '14 at 06:11

gbs

7,196
5
43
69

votes

1 answer

Unable to track down error for WCF client created with CreateChannelWithIssuedToken

This is a followup of this question here. Might not be directly related to that. I am trying to call a web service secured with a token (federated security, WS-Trust 1.3) which I obtain from a Secure Token Service. I have the SecurityToken (generic…

c# wcf ws-security ws-trust

asked Aug 26 '14 at 15:44

Marcel N.

13,726
5
47
72

votes

1 answer

Delegating secure tokens from one relying party to another

I have a WCF service that is a relying party for a custom STS, built using WIF. My STS issues holder-of-key tokens to my client application. I have created a new 'backend' WCF service, that I need to call from the existing 'frontend' service. How…

c# wcf wif ws-federation ws-trust

asked May 27 '14 at 22:01

Dan Ling

2,965
2
29
43

votes

1 answer

How to specify a certificate as the credentials for a wsTrustChannel with Thinktecture IdentityServer

I would have thought that one could basically switch the client credentials from this: var clientCredentials = new ClientCredentials(); clientCredentials.UserName.UserName = "MyUserName" clientCredentials.UserName.Password = "MyPassword" to: var…

federated-identity thinktecture-ident-server ws-trust

asked Mar 03 '14 at 04:33

Clint

1,159
1
10
19

votes

1 answer

How do I use X509SecurityToken as an ActAs token and verify that the caller has the private key?

I have implemented an STS that allows clients to authenticate using X509 certificates. WIF (now built in in .NET 4.5) has an X509SecurityToken class that seems to work perfectly for this scenario. In my case, I would also like to pass an ActAs…

.net security wif sts-securitytokenservice ws-trust

asked Nov 05 '13 at 18:10

Mark

11,257
11
61
97

votes

0 answers

Obtaining a SAML token from a security token service on windows xp - without using WIF

I am trying to obtain a SAML token for my user on a WPF client application that needs to run on Windows-XP and above. I get the SAML from my identity provider using WS-Trust and I pass it onto the Azure Access Control Service which returns me a…

.net azure saml-2.0 federated-identity ws-trust

asked Jul 03 '13 at 04:57

Auzeb Manzoor

votes

1 answer

JavaScript Client accessing a Webservice with Federated Auth - Cross Domain

I'm looking for a bit of best-practice advice from someone a bit more knowledgeable than me in the Federated Security area. Our Scenario We host a (subscription) webservice (WCF/Asp.Net/IIS). We also have a purely JavaScript component (widget) that…

cross-domain federated-identity ws-trust

asked Jun 24 '13 at 10:36

Andy McCluggage

37,618
18
59
69

votes

1 answer

Azure Active Directory and WCF

How can I secure a WCF service using Azure Active Directory: My Status: - My WCF service that contains the business logic is hosted on Azure WebRole. I want your help to do the following: Configure my WCF Service in Azure to federate the…

wcf azure active-directory wif ws-trust

asked Mar 31 '13 at 09:36

Mahmoud Samy

2,822
7
34
78

votes

1 answer

How do I handle ActAs tokens in WIF 4.5?

I am creating an STS using the WIF (System.IdentityModel) classes in .NET 4.5. This STS needs to handle an ActAs token. I have successfully prototyped the client to send an ActAs token, and this results in this error message on the server…

c# wif ws-trust

asked Jan 30 '13 at 19:06

Mark

11,257
11
61
97

votes

0 answers

Securing Webservices in JBoss using SAML

What is the workflow for securing web services using SAML and is there particular implementation of ws-trust in JBoss that can be used. Currently I have a pojo-ws (SP) deployed in JBoss AS7 using picketlink SAML handlers and the security domain…

web-services jboss saml ws-trust

asked Nov 15 '12 at 16:22

abhishekhp

Prev 1

3 4 5 6 7 Next