Create SAML Authentication request using WIF

2

11

It seems most of the WIF information out there is useful for enabling federated authentication across entire applications. I'm interested in using the API to create SAML authentication requests and receive/interpret the SAML responses.

I found the following post on SO, "Reading SAML Attributes from SAML Token", that gets me going in the right direction in regards to receiving and interpreting SAML responses. Can anyone give me more information on how I might use the API to create SAML requests?

Any more info (reading material, videos, etc) on the API in general would be greatly appreciated.

Impetus answered 2/2, 2011 at 17:55 Comment(0)
9

Here's a little example from one of our samples that shows how to programmatically create a request for a (SAML) Security Token to an STS:

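    // Namespaces for WIF 3.5 (Microsoft.IdentityModel.dll) and WCF.
    using System;
    using System.IdentityModel.Tokens;
    using System.ServiceModel;
    using System.ServiceModel.Description;
    using System.ServiceModel.Security;
    using Microsoft.IdentityModel.Protocols.WSTrust;
    using Microsoft.IdentityModel.Protocols.WSTrust.Bindings;
    using Microsoft.IdentityModel.SecurityTokenService;

    // Sends a WS-Trust 1.3 Issue request (RST) to the STS and returns the issued token.
    private static SecurityToken GetSamlToken(string realm, string stsEndpoint, ClientCredentials clientCredentials)
    {
        using (var factory = new WSTrustChannelFactory(
            new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential),
            new EndpointAddress(new Uri(stsEndpoint))))
        {
            factory.Credentials.UserName.UserName = clientCredentials.UserName.UserName;
            factory.Credentials.UserName.Password = clientCredentials.UserName.Password;
            // Sample setting: None turns off validation of the STS service certificate.
            // Use ChainTrust or PeerTrust outside a test setup.
            factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
            factory.TrustVersion = TrustVersion.WSTrust13;

            WSTrustChannel channel = null;

            try
            {
                // Bearer token scoped to the relying party identified by realm.
                var rst = new RequestSecurityToken
                              {
                                  RequestType = WSTrust13Constants.RequestTypes.Issue,
                                  AppliesTo = new EndpointAddress(realm),
                                  KeyType = KeyTypes.Bearer,
                              };

                channel = (WSTrustChannel)factory.CreateChannel();

                return channel.Issue(rst);
            }
            finally
            {
                if (channel != null)
                {
                    channel.Abort();
                }

                factory.Abort();
            }
        }
    }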
Blowpipe answered 15/3, 2011 at 21:50 Comment(1)
I don't believe this creates a SAML AuthnRequest at all. It seems to create a WSTrust RequestSecurityToken. - Territus
5

Since no one else has answered, here's an article from the inimitable Michele Bustamante:

http://www.devproconnections.com/article/federated-security/Generate-SAML-Tokens-Using-Windows-Identity-Foundation.aspx

Guatemala answered 2/2, 2011 at 20:29 Comment(0)
