public ActionResult Webservice() { ViewBag.Message = "Your application description page."; // Setup the channel factory for the call to the backend service var binding = new WS2007FederationHttpBinding( WSFederationHttpSecurityMode.TransportWithMessageCredential); var factory = new ChannelFactory<WebService.IService>(binding, new EndpointAddress("https://[BackendService]/Service.svc")); // turn off CardSpace factory.Credentials.SupportInteractive = false; // Get the token representing the logged in user var actAsToken = GetActAsToken(); // Create the channel to the backend service using the acquired token var channel = factory.CreateChannelWithIssuedToken(actAsToken); // Call the service var serviceClaims = channel.GetClaimsPrincipal(); // At this point, you can compare the claims the are available to the backend service with the ones available to the web app // See for example that the backend service has knowledge of both the logged in user and the front end app through which the user is logged in ViewBag.Message = "Web service call succeeded!"; return View(); }
private static void CallService(SecurityToken token) { var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); binding.Security.Message.EstablishSecurityContext = false; binding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey; var factory = new ChannelFactory<IClaimsService>( binding, new EndpointAddress("https://adfs.leastprivilege.vm/adfsapp/service.svc")); factory.Credentials.SupportInteractive = false; var channel = factory.CreateChannelWithIssuedToken(token); channel.GetClaims().ToList().ForEach(c => Console.WriteLine(c.Value)); }
private static void CallService(SecurityToken token) { "Calling Service".ConsoleYellow(); var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); binding.Security.Message.EstablishSecurityContext = false; binding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey; var factory = new ChannelFactory<IClaimsService>(binding, new EndpointAddress(_serviceAddress)); factory.Credentials.SupportInteractive = false; factory.Credentials.UseIdentityConfiguration = true; var proxy = factory.CreateChannelWithIssuedToken(token); var id = proxy.GetIdentity(); Helper.ShowIdentity(id); }
private static IService CreateProxy() { // request identity token from ADFS SecurityToken token = RequestIdentityToken(); // set up factory and channel var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); binding.Security.Message.EstablishSecurityContext = false; var factory = new ChannelFactory<IService>(binding, _serviceEndpoint); factory.Credentials.SupportInteractive = false; // enable WIF on channel factory factory.ConfigureChannelFactory(); return factory.CreateChannelWithIssuedToken(token); }
static void Main(string[] args) { var jwt = GetJwt(); var xmlToken = WrapJwt(jwt); var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); binding.HostNameComparisonMode = HostNameComparisonMode.Exact; binding.Security.Message.EstablishSecurityContext = false; binding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey; var factory = new ChannelFactory<IService>( binding, new EndpointAddress("https://localhost:44335/token")); var channel = factory.CreateChannelWithIssuedToken(xmlToken); Console.WriteLine(channel.Ping()); }
private static void CallService(SecurityToken token) { //var serviceEndpoint = "https://" + "adfs.leastprivilege.vm" + "/rp/service.svc"; var serviceEndpoint = "https://" + "localhost:44305" + "/service.svc"; var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); binding.Security.Message.EstablishSecurityContext = false; binding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey; var factory = new ChannelFactory<IClaimsService>( binding, new EndpointAddress(serviceEndpoint)); factory.Credentials.SupportInteractive = false; var channel = factory.CreateChannelWithIssuedToken(token); var claims = channel.GetClaims(); claims.ForEach(c => Console.WriteLine("{0}\n {1}\n\n", c.Type, c.Value)); }
private IFederatedService CreateClient() { //var serviceEndpoint = "https://localhost:44300/FederatedService.svc"; //var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); //binding.Security.Message.EstablishSecurityContext = false; //binding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey; //var factory = new ChannelFactory<IFederatedService>( // binding, // new EndpointAddress(serviceEndpoint)); //factory.Credentials.UseIdentityConfiguration = true; //factory.Credentials.SupportInteractive = false; var factory = new ChannelFactory<IFederatedService>("WS2007FederationHttpBinding_IFederatedService"); var token = GetIssuedToken(); var channel = factory.CreateChannelWithIssuedToken(token); return channel; }
private void _btnCallService_Click(object sender, RoutedEventArgs e) { var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); binding.Security.Message.EstablishSecurityContext = false; binding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey; var ep = new EndpointAddress("https://" + Constants.WebHost + "/webservicesecurity/soap.svc/bearer"); var factory = new ChannelFactory<IService>(binding, ep); factory.Credentials.SupportInteractive = false; factory.ConfigureChannelFactory(); var channel = factory.CreateChannelWithIssuedToken(RSTR.SecurityToken); var claims = channel.GetClientIdentity(); var sb = new StringBuilder(128); claims.ForEach(c => sb.AppendFormat("{0}\n {1}\n\n", c.ClaimType, c.Value)); _txtDebug.Text = sb.ToString(); }
private static void CallMessage(SamlSecurityToken token) { var factory = new ChannelFactory<IServiceClientChannel>( new ClientSamlHttpBinding(SecurityMode.Message), new EndpointAddress( new Uri("http://roadie:9000/Services/ClientSaml/Message"), EndpointIdentity.CreateDnsIdentity("Service"))); factory.Credentials.ServiceCertificate.SetDefaultCertificate( StoreLocation.CurrentUser, StoreName.My, X509FindType.FindBySubjectDistinguishedName, "CN=Service"); factory.ConfigureChannelFactory<IServiceClientChannel>(); var proxy = factory.CreateChannelWithIssuedToken<IServiceClientChannel>(token); proxy.Ping("foo"); proxy.Close(); }
private static void CallMixedMode(SamlSecurityToken token) { var factory = new ChannelFactory<IServiceClientChannel>("*"); factory.ConfigureChannelFactory<IServiceClientChannel>(); var proxy = factory.CreateChannelWithIssuedToken<IServiceClientChannel>(token); proxy.Ping("foo"); proxy.Close(); }
private static IClaimsService GetServiceProxy(SecurityToken token) { var serviceAddress = FederatedAuthentication.FederationConfiguration.WsFederationConfiguration.Reply + "service.svc"; var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential); binding.Security.Message.EstablishSecurityContext = false; binding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey; var factory = new ChannelFactory<IClaimsService>( binding, new EndpointAddress(serviceAddress)); factory.Credentials.SupportInteractive = false; var channel = factory.CreateChannelWithIssuedToken(token); return channel; }