I have been given a .wsdl file and .pfx from the provider.
I call the IdP and acquire a SAML token. Now I need to pass that token to the WebService.
How do I use the SAML token to work with the WebService?
I am using .NET 4.5.
Answers:
Method 1
I was able to add the token and get a response with the help of the following two posts:
http://www.noiseworks.org/security-token-service-in-asp-net-application-part-2/
http://travisspencer.com/blog/2012/01/cryptographic-operations-are-r.html
Here’s my code:
    using System;
    using System.IdentityModel.Tokens;                   // SecurityToken, SecurityKeyType
    using System.Security.Cryptography.X509Certificates; // StoreLocation, StoreName, X509FindType
    using System.ServiceModel;                           // WS2007FederationHttpBinding, ChannelFactory, and the
                                                         // ConfigureChannelFactory / CreateChannelWithIssuedToken
                                                         // extension methods (System.IdentityModel.Services.dll)
    using System.ServiceModel.Channels;                  // CustomBinding, SecurityBindingElement

    private static string serviceEndpoint = "https service endpoint"; // placeholder: the provider's HTTPS endpoint

    // ISomeProviderService is the contract generated from the provider's .wsdl;
    // MyServiceMethod and somedataobject are placeholders for the real operation and its request object.
    public static void CallProviderService(SecurityToken token)
    {
        // HTTPS for transport security, the SAML token as the message credential;
        // bearer key and no secure-conversation session.
        var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential);
        binding.Security.Message.EstablishSecurityContext = false;
        binding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey;
        var channelFactory = new ChannelFactory<ISomeProviderService>(binding, new EndpointAddress(new Uri(serviceEndpoint)));
        string thumb = "mycertthumbprint"; // thumbprint of the client certificate imported from the provider's .pfx
        channelFactory.Credentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, thumb);
        channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.PeerOrChainTrust;
        channelFactory.ConfigureChannelFactory(); // switch the factory to federated (issued-token) client credentials
        channelFactory.Credentials.SupportInteractive = false;
        // Adjust the factory's own endpoint binding so an unsecured response from the provider is accepted.
        var elements = channelFactory.Endpoint.Binding.CreateBindingElements();
        elements.Find<SecurityBindingElement>().EnableUnsecuredResponse = true;
        channelFactory.Endpoint.Binding = new CustomBinding(elements);
        // The issued SAML token is attached to every call made through this channel.
        var channel = channelFactory.CreateChannelWithIssuedToken<ISomeProviderService>(token);
        try
        {
            var response = channel.MyServiceMethod(somedataobject);
        }
        catch (Exception ex)
        {
            //log message
        }
    }
Method 2
This is something that should be specified by the provider of the WS. A common standard is the WS-Security standard by OASIS.
Using this standard, the SAML Assertion is placed in a SOAP Security header.
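As an added illustration of what Method 2 describes (not code from the original answer, nor from WCF): a client builds a SOAP envelope whose wsse:Security header carries the SAML assertion, and the receiving service locates that assertion and checks its Conditions (validity window and audience). The assertion, endpoint URLs and namespace prefixes are constructed sample values; the assertion's XML signature is not verified here, and a real service verifies it before trusting any of these fields.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Namespaces used by the WS-Security SAML Token Profile: SOAP 1.1 envelope, wsse header, SAML 2.0.
NS = {"soap": "http://schemas.xmlsoap.org/soap/envelope/", "saml2": "urn:oasis:names:tc:SAML:2.0:assertion",
      "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"}
for _prefix, _uri in NS.items():
    ET.register_namespace(_prefix, _uri)

# Constructed sample assertion (unsigned, illustration only); a real IdP signs it with XML-DSig.
SAMPLE_ASSERTION = """<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_example-1" Version="2.0" IssueInstant="2024-01-01T12:00:00Z">
  <saml2:Issuer>https://idp.example.test</saml2:Issuer>
  <saml2:Conditions NotBefore="2024-01-01T12:00:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
    <saml2:AudienceRestriction><saml2:Audience>https://ws.example.test/service</saml2:Audience></saml2:AudienceRestriction>
  </saml2:Conditions>
</saml2:Assertion>"""

def build_envelope(assertion_xml: str, body_xml: str) -> str:
    """Wrap the body in a SOAP envelope whose wsse:Security header carries the assertion."""
    env = ET.Element(f"{{{NS['soap']}}}Envelope")
    header = ET.SubElement(env, f"{{{NS['soap']}}}Header")
    sec = ET.SubElement(header, f"{{{NS['wsse']}}}Security")
    sec.set(f"{{{NS['soap']}}}mustUnderstand", "1")  # receiver must process this header or fault
    sec.append(ET.fromstring(assertion_xml))
    ET.SubElement(env, f"{{{NS['soap']}}}Body").append(ET.fromstring(body_xml))
    return ET.tostring(env, encoding="unicode")

def _utc(ts: str) -> datetime:
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def validate_envelope(envelope_xml: str, audience: str, now_iso: str) -> list:
    """Find the assertion in the wsse:Security header and check its Conditions; returns a list of
    problems (empty = acceptable). Signature verification is not done here and must precede trust."""
    root = ET.fromstring(envelope_xml)
    assertion = root.find("soap:Header/wsse:Security/saml2:Assertion", NS)
    if assertion is None:
        return ["no SAML assertion in wsse:Security header"]
    cond = assertion.find("saml2:Conditions", NS)
    if cond is None:
        return ["assertion has no Conditions element"]
    now, problems = _utc(now_iso), []
    nb, noa = cond.get("NotBefore"), cond.get("NotOnOrAfter")
    if nb and now < _utc(nb):
        problems.append("assertion not yet valid")
    if noa and now >= _utc(noa):
        problems.append("assertion expired")
    if audience not in [a.text for a in cond.findall("saml2:AudienceRestriction/saml2:Audience", NS)]:
        problems.append("audience mismatch")
    return problems
```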
All methods were sourced from stackoverflow.com or stackexchange.com and are licensed under CC BY-SA 2.5, CC BY-SA 3.0 and CC BY-SA 4.0.