locked
Customizing request token RRS feed

  • Question

  • In looking for a simpler way to pass custom user credentials from an active wcf client to a wcf sts, I am studying the "Customizing Request Security Token" Microsoft Geneva sample.    In this example they pass some additional custom serializable elements in the RST that are evaluated by the override ValidateRequest method in the custom STS.  

     static Binding GetClientBinding()  
            {  
                WS2007FederationHttpBinding binding = new WS2007FederationHttpBinding( WSFederationHttpSecurityMode.Message );  
     
                binding.Security.Message.IssuerAddress = new EndpointAddress( "http://localhost:8081/STS" );  
                binding.Security.Message.IssuerBinding = GetSecurityTokenServiceBinding();
                #region Make the client send out additional RST element  
                //  
                // The TokenRequestParameters is a place where you can send some custom element in the issue request  
                //  
                XmlDocument doc = new XmlDocument();  
                XmlElement customElement = doc.CreateElement(RstCustomElementConstants.Prefix, RstCustomElementConstants.LocalName, RstCustomElementConstants.Namespace);              
                  
                customElement.InnerText = "abc";              
     
                binding.Security.Message.TokenRequestParameters.Add( customElement );
                #endregion  
     
                return binding;  
            } 

    This looks fairly straight forward and much simpler then getting into the custom SecurityTokenHandler business.   Are there any big cons / drawbacks to customizing and using the RST in this manner?

    thanks

    Thursday, February 5, 2009 3:20 AM

Answers

  • The "Customizing Request Security Token" sample illustrates how you can send some custom elements in the RST to the STS. However, if you are interested in using custom-tokens for securing messages, you may try the "Customizing Token" sample.

    Thanks.
    • Marked as answer by scott_m Friday, February 6, 2009 2:01 AM
    Thursday, February 5, 2009 7:15 AM