private bool ProcessError(SecurityTokenService secureService, SoapException exception, MSNTicket msnticket, EventHandler onSuccess, EventHandler <ExceptionEventArgs> onError) { string errFedDirectLogin = @"Direct login to WLID is not allowed for this federated namespace"; if (exception == null) { return(false); } if (secureService.pp == null) { return(false); } uint errorCode = uint.Parse(secureService.pp.reqstatus.Remove(0, "0x".Length), NumberStyles.HexNumber); if (errorCode == 0x800488ee) { if (exception.Detail.InnerXml.IndexOf(errFedDirectLogin) != -1) { string fedLoginURL = string.Empty; string fedAuthURL = string.Empty; string fedBrandName = string.Empty; foreach (extPropertyType extProperty in secureService.pp.extProperties) { switch (extProperty.Name) { case "STSAuthURL": //STS means Security Token Service. fedLoginURL = extProperty.Value; break; case "AuthURL": fedAuthURL = extProperty.Value; break; case "AllowFedUsersWLIDSignIn": //Is it allow to login by MSN ? Not all feduser can log in with a WLM client. if (!bool.Parse(extProperty.Value)) { return(false); } break; case "FederationBrandName": fedBrandName = extProperty.Value; break; case "IsFederatedNS": if (!bool.Parse(extProperty.Value)) { return(false); } break; } } if (fedLoginURL == string.Empty) { return(false); } Uri fedLoginURI = new Uri(fedLoginURL); string strFedLoginURI = fedLoginURI.Scheme.ToUpperInvariant() + "://" + fedLoginURI.Host + (fedLoginURI.Scheme.ToLowerInvariant() == "https" ? ":443" : string.Empty) + "/" + fedLoginURI.PathAndQuery; SecurityTokenService fedSecureService = CreateSecurityTokenService(@"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue", strFedLoginURI); fedSecureService.Url = fedLoginURL; RequestSecurityTokenType token = new RequestSecurityTokenType(); token.Id = "RST0"; token.RequestType = RequestTypeOpenEnum.httpschemasxmlsoaporgws200502trustIssue; AppliesTo appliesTo = new AppliesTo(); appliesTo.EndpointReference = new EndpointReferenceType(); appliesTo.EndpointReference.Address = new AttributedURIType(); appliesTo.EndpointReference.Address.Value = strFedLoginURI.Remove(0, @"HTTPS://".Length); token.AppliesTo = appliesTo; RequestSecurityTokenResponseType response = null; if (onSuccess != null && onError != null) { //Async request. fedSecureService.RequestSecurityTokenCompleted += delegate(object sender, RequestSecurityTokenCompletedEventArgs e) { if (!e.Cancelled) { if (e.Error != null) { MSNPSharpException sexp = new MSNPSharpException(e.Error.Message + ". See innerexception for detail.", e.Error); onError(this, new ExceptionEventArgs(sexp)); return; } response = e.Result; if (response.RequestedSecurityToken == null || response.RequestedSecurityToken.Assertion == null) { return; } AssertionType assertion = response.RequestedSecurityToken.Assertion; secureService = CreateSecurityTokenService(@"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue", @"HTTPS://login.live.com:443//RST2.srf"); secureService.Security.Assertion = assertion; if (response.Lifetime != null) { secureService.Security.Timestamp.Created = response.Lifetime.Created; secureService.Security.Timestamp.Expires = response.Lifetime.Expires; } Authenticate(secureService, msnticket, onSuccess, onError); } }; fedSecureService.RequestSecurityTokenAsync(token, new object()); return(true); } else { //Sync request. try { response = fedSecureService.RequestSecurityToken(token); } catch (Exception ex) { MSNPSharpException sexp = new MSNPSharpException(ex.Message + ". See innerexception for detail.", ex); throw sexp; } if (response.RequestedSecurityToken == null) { return(false); } if (response.RequestedSecurityToken.Assertion == null) { return(false); } AssertionType assertion = response.RequestedSecurityToken.Assertion; secureService = CreateSecurityTokenService(@"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue", @"HTTPS://login.live.com:443//RST2.srf"); secureService.Security.Assertion = assertion; Authenticate(secureService, msnticket, onSuccess, onError); return(true); } } } return(false); }