Adding roles to SAML token


  • I created an STS service for creating SAML tokens, with a custom authorization policy which goes through the roles for the Windows user and added it to a custom principal. How do we add this to SAML tokens to include the roles or the custom principal?

    Friday, December 31, 2010 1:33 PM


All replies

  • I figured out how to do this: we can add a claim by creating a role type with the Possess property. But is it possible to add a custom object to a ClaimSet instead of a string?
    Friday, December 31, 2010 2:37 PM
  • We cannot have a resource type other than string in SAML. Is there a workaround to have a non-primitive type in SAML?

    public SamlAttribute(Claim claim)
    {
        if (claim == null)
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("claim");

        // A claim whose Resource is not a string is rejected here
        if (!(claim.Resource is String))
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SamlAttributeClaimResourceShouldBeAString));

        // ...
    }

    Friday, December 31, 2010 2:41 PM
  • Regarding non-string (Complex types). Have you seen

    Paul Lemmers

    • Marked as answer by chintapali Tuesday, January 04, 2011 6:52 PM
    Monday, January 03, 2011 10:07 PM
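
The string-only check quoted in the thread, worked into an added example (not code from any poster or from the framework): each role becomes its own string-valued attribute, and a custom object is carried as XML text and rebuilt on the receiving side. The claim type URIs, the DepartmentInfo class and the helper names are hypothetical; the code assumes .NET Framework with references to System.IdentityModel and System.Runtime.Serialization.

```csharp
using System.Collections.Generic;
using System.IdentityModel.Claims;
using System.IdentityModel.Tokens;
using System.IO;
using System.Runtime.Serialization;
using System.Text;

// Hypothetical custom object the STS wants to convey alongside the roles.
[DataContract(Namespace = "http://example.org/claims")]
public class DepartmentInfo
{
    [DataMember] public string Name;
    [DataMember] public int CostCenter;
}

public static class SamlRoleAttributes
{
    // Hypothetical claim type URIs, not defined by the framework.
    const string RoleType = "http://example.org/claims/role";
    const string DepartmentType = "http://example.org/claims/department";

    // STS side: one string-valued attribute per role, plus the custom object as XML text.
    public static List<SamlAttribute> Build(IEnumerable<string> roles, DepartmentInfo dept)
    {
        var attributes = new List<SamlAttribute>();
        foreach (string role in roles)
            attributes.Add(new SamlAttribute(new Claim(RoleType, role, Rights.PossessProperty)));

        var serializer = new DataContractSerializer(typeof(DepartmentInfo));
        using (var buffer = new MemoryStream())
        {
            serializer.WriteObject(buffer, dept);
            string xml = Encoding.UTF8.GetString(buffer.ToArray());
            attributes.Add(new SamlAttribute(new Claim(DepartmentType, xml, Rights.PossessProperty)));
        }
        return attributes;
    }

    // Relying-party side: rebuild the object from the attribute value of a token
    // whose signature and issuer have already been validated. The serializer is
    // bound to one known type, so the string cannot select an arbitrary type.
    public static DepartmentInfo Read(string attributeValue)
    {
        var serializer = new DataContractSerializer(typeof(DepartmentInfo));
        using (var buffer = new MemoryStream(Encoding.UTF8.GetBytes(attributeValue)))
            return (DepartmentInfo)serializer.ReadObject(buffer);
    }
}
```

The returned list can be passed to a SamlAttributeStatement together with the token's subject. Role and object values should be acted on only after the relying party has checked that the token was signed by the expected STS.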