SAML STS for WSE 3.0 (reposted)

Every week or so I get another email asking where the sample code for the SAML STS for WSE 3.0 has been moved to now that GotDotNet GotNuked. It wasn't moved anywhere. So I figured I would repost it here for those that need it. For those new to this, you should also take a look at Pablo Cibraro's blog (Pablo was one of the developers on this sample), as he extended this to support credential caching and more.

A few caveats that people should be aware of when looking at this sample code:

  • For obvious reasons, wherever possible you should seek a WCF-based solution first. There still appear to be a few people that cannot use WCF yet, which is why I am reposting this.
  • We did do interop testing between an RC version of WCF and this STS, but this was released before WCF went gold, so if interop is important to you then you should test that.
  • The code within this requires extensive knowledge of .NET security APIs. Do not consider deploying this if you do not understand the entire solution.
  • As with all things security related, you should ensure you put together an appropriate security threat model as part of your solution design...
  • And of course batteries are not included!

Most common issues encountered:

  • Configuring the access rights to the certificates is probably the number one issue people run into. If you need help managing certs / permissions, download this awesome tool.

 

SAML_STS_for_WSE3_Jan06.zip