WCF Claims, STS and Federation – Layman’s View – 2
5.00/5 (1 vote)
In the previous post, we have seen the service configuration of WCF federation. In this post, let us see the STS configuration.
In the previous post, we have seen the service configuration of WCF federation. In this post, let us see the STS configuration.
In the STS’s configuration file, it is mentioned in <message> element.
<system.serviceModel>
<services>
<service name="Udooz.SecurityTokenService" behaviorConfiguration="stsBehavior">
<endpoint contract="Udooz.ISecurityTokenService"
binding="wsHttpBinding" bindingConfiguration="stsBinding"/>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="stsBinding">
<security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
The STS service contract is declared in Udooz.ISecurityTokenService and implementation is resided in Udooz.SecurityTokenService.
The message security mode is specified in <binding>..<wsHttpBinding>..<binding name=”stsBinding”>…<security>.
This is specified in the <serviceBehaviors> section named “stsBehavior”.
<behaviors>
<serviceBehaviors>
<behavior name="stsBehavior">
<serviceCredentials>
<userNameAuthentication
userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType=
"UdoozCommonLib.STSUsernamePasswordValidator, UdoozCommonLib"/>
<serviceCertificate findValue="WCFServerKey"
x509FindType="FindBySubjectName"
storeLocation="LocalMachine" storeName="My" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors
The username-password authentication is done by UdoozCommonLib.STSUsernamePasswordValidator class in UdoozCommonLib assembly.
To be continued…
CodeProject