Federated authentication of WCF web role using ADFS


  • Monday, May 16, 2011 1:49 PM
     
     

    Hello,

    I have followed the Azure training kit sample "Federated identity with WCF Web role" and created a sample WCF service.

    After modifying the bindings created by the Fed util tool to a custom binding, as suggested by the lab, I am able to run my service successfully.

    I have added a service reference to my service in a console application.

    When I run the client application, the application is trying to connect to CardSpace and throwing an "Invalid Policy" error.

    Kindly help me understand the issue and find a quick solution to fix this issue.

    Thanks,


    kesari suresh

All Replies

  • Monday, May 16, 2011 2:10 PM
     
    You need to set the interactive support to false before setting the credentials, like this:
    Calc.CalcWithAuthClient client = new Calc.CalcWithAuthClient();
    
    client.ClientCredentials.SupportInteractive = false;
    client.ClientCredentials.UserName.UserName = Console.ReadLine();
    client.ClientCredentials.UserName.Password = Console.ReadLine();
    
    
    I do not know the exact reason why you need to do it, maybe someone else can explain.

    Developer Security MVP | http://www.steveonsecurity.com
  • Tuesday, May 17, 2011 2:34 AM
     
     

    Steve,

    This procedure is asking me to enter my credentials. Is this the correct way?

    After entering the credentials I am receiving an error "SOAP security negotiation with service failed"

    Help me in fixing this issue.


    kesari suresh
  • Tuesday, May 17, 2011 5:03 AM
     
     

    The issue I am receiving is something like

    "sing WS-Metadata Exchange or DISCO.
    Error: Obtaining metadata from issuer 'https://testwcf/adfs/services/trust/mex'
    failed with error 'System.InvalidOperationException: Metadata contains a referen
    ce that cannot be resolved: 'https://testwcf/adfs/services/trust/mex'. ---> Syst"

  • Tuesday, May 17, 2011 2:42 PM
     
     
    Any help would be appreciated.
    kesari suresh
  • Wednesday, May 18, 2011 6:29 AM
    Moderator
     
     

    Hi Kesari,

    Thanks for your question.

    I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.

    Thanks,


    Wengchao Zeng
    Please mark the replies as answers if they help or unmark if not.
    If you have any feedback about my replies, please contact msdnmg@microsoft.com.
    Microsoft One Code Framework
  • Thursday, May 19, 2011 2:19 AM
    Moderator
     
     

    Hello kesari,

    As to this error:

    "sing WS-Metadata Exchange or DISCO.
     Error: Obtaining metadata from issuer 'https://testwcf/adfs/services/trust/mex'
     failed with error 'System.InvalidOperationException: Metadata contains a referen
     ce that cannot be resolved: 'https://testwcf/adfs/services/trust/mex'. ---> Syst"

    Can I ask you what happens if you access the following URL in a browser? Is the server certificate that the following site uses trusted by the client machine?

     'https://testwcf/adfs/services/trust/mex'

    Thanks,


    Wengchao Zeng
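
The trust check asked about in the reply above can also be run in code from the client machine. The console program below is an added example, not code from the thread or the training kit; the class name MexCertCheck is hypothetical, and the default URL is the issuer address quoted in the error message.

```csharp
// Added diagnostic sketch (not from the thread): reports whether this machine
// trusts the TLS certificate served by the ADFS metadata (MEX) endpoint.
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

class MexCertCheck   // hypothetical name
{
    static int Main(string[] args)
    {
        // Default is the issuer URL quoted in the error message.
        string url = args.Length > 0 ? args[0] : "https://testwcf/adfs/services/trust/mex";
        SslPolicyErrors observed = SslPolicyErrors.None;

        // The callback only records what validation found and returns the real
        // verdict, so an untrusted certificate still fails the request.
        ServicePointManager.ServerCertificateValidationCallback =
            (sender, cert, chain, errors) =>
            {
                observed = errors;
                if (cert != null)
                {
                    var c = new X509Certificate2(cert);
                    Console.WriteLine("Subject : " + c.Subject);
                    Console.WriteLine("Issuer  : " + c.Issuer);
                    Console.WriteLine("Expires : " + c.NotAfter);
                }
                if (chain != null)
                    foreach (X509ChainStatus s in chain.ChainStatus)
                        Console.WriteLine("Chain   : " + s.Status + " " + s.StatusInformation.Trim());
                return errors == SslPolicyErrors.None;
            };

        try
        {
            var request = (HttpWebRequest)WebRequest.Create(url);
            using (var response = (HttpWebResponse)request.GetResponse())
                Console.WriteLine("HTTP " + (int)response.StatusCode + ", certificate trusted");
            return 0;
        }
        catch (WebException ex)
        {
            // RemoteCertificateNameMismatch: URL host differs from the certificate subject.
            // RemoteCertificateChainErrors: issuing CA is not in this machine's trusted roots.
            Console.WriteLine("Failed  : " + ex.Status + " (" + ex.Message + ")");
            Console.WriteLine("TLS errors: " + observed);
            return 1;
        }
    }
}
```

If the request fails while "TLS errors" prints None, the certificate is trusted and the failure lies elsewhere, for example name resolution or the HTTP response itself.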
  • Friday, May 20, 2011 7:20 AM
     
     

    After trying and making a few changes I am still stuck with this issue. Currently I am receiving an error as below when accessing my service from the client.

    "ID3242: The security token could not be authenticated or authorized"

    Kindly help me resolve this issue.

    Thanks,


    kesari suresh
  • Tuesday, May 24, 2011 5:50 PM
     
     

    Hi,

    Based on the issue and consulting with colleagues, your question falls into a support category which requires a more in-depth level of support.

    Please visit the below link to see the various Azure support options that are available to better meet your needs.

    Support
    http://www.microsoft.com/windowsazure/support/


    Blogs
    http://blogs.msdn.com/b/windowsazure/
    http://blogs.msdn.com/b/avkashchauhan/


    bill boyce
  • Wednesday, May 25, 2011 4:08 AM
     
     

    Bill,

    I have raised a support ticket and am working for a resolution.

    Thank You.


    kesari suresh
  • Wednesday, May 25, 2011 4:37 PM
     
     

     

    Hi Kesari,

    Please post your resolution when you gain your answer.

     

    Thank You!


    bill boyce
  • Monday, June 27, 2011 10:25 PM
     
     

    Hi Kesari,

    Any updates on the resolution?

     

    Thanks.

  • Wednesday, July 06, 2011 3:24 AM
     
     

    The Azure support team was not able to fix the issue. I was told that the training kit sample only works fine with a local STS. If the training kit sample needs to be modified to work with ADFS it requires a good amount of tweaking from a WCF security perspective.

     

    Thanks,


    kesari suresh