Consume SWT tokens in website by using WIF RRS feed

  • Question

  • I created a relying party in ACS and used SWT as the token format. Then I used "Add STS reference..." to my web app and pointed it to https://MyApp.accesscontrol.appfabriclabs.com/FederationMetadata/2007-06/FederationMetadata.xml. When I ran the web app it errored out as follows.

    ID4014: A SecurityTokenHandler is not registered to read security token ('BinarySecurityToken', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd').

    Any idea on how to fix this? If I switched to use SAML 2.0 token format, it works just fine.

    Tuesday, January 18, 2011 9:39 AM

All replies

  • WIF does not include a security token handler for SWT. You can find a sample here: http://zamd.net/2010/07/31/using-wif-for-securing-rest-service/

    I wouldn't put too many bets on SWT - seems it will soon be replaced by JWT (of course the good thing about WIF is, that these details are abtracted away from an application point of view).

    Dominick Baier | thinktecture | http://www.leastprivilege.com
    Tuesday, January 18, 2011 10:42 AM