Contents tagged with Geneva
-
Negotiating SAML tokens for REST clients with the HttpClient class
Continuing my post “Brokered authentication for REST active clients”, I will show today how the client code can be simplified using the new HttpClient (WCF REST Starter Kit 2) and some custom HTTP processing stages attached to its pipeline.
-
Brokered authentication for REST active clients with SAML
I have been thinking for a while about what could be a good way to support brokered authentication for active REST clients. Something I did not want to do was to force the use of the WS-Trust Active profile, which is in essence SOAP-based.
-
Carrying sensitive information in SAML assertions
When SAML is used in conjunction with WS-Security, only a small piece of the token is encrypted: the proof key for the relying party. The rest of the token goes in plain text, and that includes the user's claims.
-
WS-TRUST profiles and Cardspace
The Geneva framework today supports the two WS-Trust profiles, Active and Passive.
-
Security Token Handlers in Geneva Framework
According to the Geneva documentation,
-
Some thoughts on Portable STS (P-STS) and Geneva Cardspace
The other day a friend of mine asked me about portable STS implementations, and whether I knew about any available solution that he could use at his company. That reminded me of a conversation I had like two years ago with another developer working on a custom .NET CLR framework version for portable devices (like smartcards). As part of that project, his team was also working on a TCP/IP communication stack for the device, and an HTTP handler for accepting raw WS-Trust messages. One goal for that project was to have a P-STS that could be interoperable with WCF. The idea seemed very promising at the time.
-
Claims negotiation between a consumer, STS and Relying Party in WCF
According to the WS-Trust specification, a service consumer has a way to negotiate with the STS, or ask it, for specific claims. Those claims (or some of them) will generally be used by the service implementation running on the relying party.