6
votes

First some background:

We were recently tasked with sending a SAML 2.0 assertion to the server that we are communicating with. We are using WCF for our client. The server is not using WCF. The guys who implement the server don't have an STS that will issue a SAML assertion. We are trying to use the WIF framework because it supports SAML 2.0 tokens.

  1. Is it possible to send a SAML 2.0 assertion with the message from the client without getting the SAML2 token from an STS? If it is, can someone please post some sample code on how to do this with WCF and Windows Identity Foundation? I looked around and could not find anything.

  2. Does anyone have any examples with a client getting a SAML2.0 token from an STS and then sending that token with an assertion to a server app?


2 Answers

2
votes

You could try having a look at thinktecture starter STS. It comes with source code so you could pick out the bits that create the SAML token.

And from this answer you do not need an STS.

2
votes

I'm assuming you wanted to use the standard WS-Security mechanism to attach a SAML token with the SOAP message? Your question is essentially a two-part one:

  1. How to get token - you will probably create it yourself? See this link for how to do this. http://www.leastprivilege.com/UsingSAMLAsAClientCredentialTypeInWCFWithGeneva.aspx

  2. How to send the token to service as part of SOAP message? You can attach a SAML token with a WCF channel by using WSTrustChannelFactory class. http://msdn.microsoft.com/en-us/library/ee517268.aspx

Hope that helps, Zulfiqar
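The two steps from the answer above (create the token yourself, then attach it to the channel), as an added example that is not part of the original answers or the linked posts. It assumes .NET 4.5 or later, where WIF lives in `System.IdentityModel`, and uses `ChannelFactory<T>.CreateChannelWithIssuedToken`; the `IService` contract, issuer name, subject values and bearer-over-TLS binding are hypothetical and must match what the server's WS-Security policy actually expects.

```csharp
using System;
using System.IdentityModel.Protocols.WSTrust;
using System.IdentityModel.Tokens;
using System.Security.Claims;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;

[ServiceContract]
public interface IService   // hypothetical contract standing in for the real server
{
    [OperationContract] string Ping(string text);
}

public static class SelfIssuedSamlClient
{
    // Step 1: build and sign a SAML 2.0 assertion locally, with no STS involved.
    public static SecurityToken CreateSaml2Token(X509Certificate2 signingCert, string audience)
    {
        var subject = new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.NameIdentifier, "alice@example.org"),  // constructed value
            new Claim(ClaimTypes.Name, "alice")                         // constructed value
        });
        var descriptor = new SecurityTokenDescriptor
        {
            TokenType = "urn:oasis:names:tc:SAML:2.0:assertion",
            TokenIssuerName = "urn:example:self-issuer",   // placeholder issuer name
            AppliesToAddress = audience,                   // limits where the token is valid
            Lifetime = new Lifetime(DateTime.UtcNow, DateTime.UtcNow.AddMinutes(5)),
            SigningCredentials = new X509SigningCredentials(signingCert),
            Subject = subject
        };
        return new Saml2SecurityTokenHandler().CreateToken(descriptor);
    }

    // Step 2: attach the token to outgoing SOAP messages as a WS-Security issued token.
    public static IService CreateChannel(SecurityToken token, string serviceUrl)
    {
        // Bearer token, so the message must travel over TLS (assumed binding choice).
        var binding = new WS2007FederationHttpBinding(
            WSFederationHttpSecurityMode.TransportWithMessageCredential);
        binding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey;
        binding.Security.Message.EstablishSecurityContext = false;

        var factory = new ChannelFactory<IService>(binding, new EndpointAddress(serviceUrl));
        factory.Credentials.UseIdentityConfiguration = true;  // route credentials through WIF
        return factory.CreateChannelWithIssuedToken(token);
    }
}
```

Because no STS vouches for the assertion, the server has to be configured to trust the client's signing certificate as an issuer and should enforce the audience restriction and the short lifetime.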