WCF + WIF Routing

How is the new routing service related to security? According to http://blogs.microsoft.co.il/blogs/applisec/archive/2011/12/12/wcf-routing-and-message-security.aspx, it can be difficult if Windows default security is not selected (this is usually a simple username / password script).

Can WCF routing support a scenario where a router receives a secure WS-Security message through HTTP and redirects it to another server via HTTP without deploying a security token?

My scenario is as follows:

  • Server (relying party), user STS with username and password authentication and client. We use ws2007FederationHttpBinding and message security.
  • Now we are setting up WCF routing; it works with basicHttp or wsHttp.
  • Then we use WIF, we can initiate proxies, STS generates claims, but it fails when the service is first called. It seems that the router is waiting for the certificate definition (including, otherwise we get an error), then it seems the Mapspace interface is required (while in fact we use the username / password).

If so, do you have an example?

Thanks.

+4
1 answer

Good question. I could not find anything about this on Google, and besides, this question also remained unanswered on MSDN. I don’t think this is added out of the box, since you will usually need to use delegation (ActAs) when you want to redirect the request to another service.

The only solution I can think of is to create a message inspector and use it in my WCF routing service. And of course, you will need to use "SupportInteractive = false".

I found something that might be the answer; see the next post (ignore Silverlight lol): http://zamd.net/2011/02/08/silverlight-claim-based-security/

Zamd says: For the second part, I implemented a message inspector along with an extension method that makes it easy to attach SAML with outgoing messages.

0

Source: https://habr.com/ru/post/1397452/