How to configure signing/encrypting security token which is exchanged between WCF service (as RP) and ADFS (as IdP)?

Question
Before explaining my question, let me say the background in the beginning.
I have already successfully called claims-aware WCF service from simple client application.
In this case, I used ADFS as the Identity Provider (IdP), and it is configured as follows:
Trust Relationships
+Claims Provider Trust
++Active Directory: (Default)
+Relying Party Trust
++ClaimsAwareWebService : (Manually added)
+++[Identifiers] tab
++++ (All urls of *.svc are registered)
+++[Encryption] tab
++++(Certificate of an application server which the WCF service resides on)
+++[Signature] tab
++++(None)
+++[Advanced]
++++SHA-256
My questions are:
1) How to disable encrypting the security token which is exchanged between the WCF web service and ADFS?
2) How to enable signing the token? (Same as above)
I tried removing the certificate from the [Encryption] tab in the ADFS Relying Party configuration. After that, the WCF service call fails. I believe I need to change web.config for the WCF service, but I’m not sure how I should edit it.
I also added a certificate to the [Signature] tab in the ADFS Relying Party configuration and sniffed the http/https packets with Fiddler. But there is no difference between after and before. It also needs a change to web.config.

My Environment:
IdP) Windows Server 2012 Std + AD FS 2.1 + .NET Framework 4.5
RP) Windows Server 2012 Std + IIS8 + ASP.NET + .NET Framework 4.5

<serviceBehaviors>
  <behavior>
    <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
    <serviceDebug includeExceptionDetailInFaults="true"/>
    <serviceCredentials useIdentityConfiguration="true">
      <serviceCertificate findValue="CN=xxxxxx(same as in encryption tab)" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName" />
    </serviceCredentials>
  </behavior>
</serviceBehaviors>

Please help me out if someone knows.
Answer
Hello CEFED,
Thank you for posting your question to JP MSDN Forum.
However, unfortunately, I’m afraid it may be difficult for you to get a reply since people usually use Japanese here. Please click below to find an appropriate forum (category) depending on the type of your question.
MSDN Forum <en-us>
http://social.msdn.microsoft.com/Forums/en-US/categories
I hope you find some useful information! Thank you.
_______________________________
Akira Saeki - Moderator (MSKK)