Shows two clients consuming a service:
- A console application that gets a token from ADFS using a domain user and password and then calls a web service using that token.
- A web application that logs users in with ADFS and then calls the same web service, delegating the user identity by asking ADFS for a token using ActAs.
This is as simple as it can get... well, simpler would be to use plain HTTP for all the interactions, but this is good enough, taking into account that we are talking about monsters like WCF, WS-Trust, SAML, etc.
- Getting a token using user/password
- Attaching the token to the SOAP message
- The corresponding behavior that will attach the token
- Client-side config, a simple basicHttpBinding
- Configuring WIF to validate tokens
- Adding a ServiceAuthorizationManager that validates tokens to a basicHttpBinding service
- Validating the token
- Consuming the claims from the principal
IMPORTANT: this is using bearer tokens, so you have to run the service on SSL to be safe. The sample uses plain HTTP and self-hosting; don't do this in production :)