I have an MVC 4 application receiving SAML2 tokens from an initiating IdP. I can see the token as it arrives and I can decrypt it. However, I want to do this with WIF 3.5 and seem to be having problems with SAML Namespaces when I try to use the WSSecurityTokenSerializer as follows:
System.Xml.XmlException was unhandled by user code
HResult=-2146232000
Message=Cannot read the token from the 'Response' element with the 'urn:oasis:names:tc:SAML:2.0:protocol' namespace for BinarySecretSecurityToken, with a '' ValueType. If this element is expected to be valid, ensure that security is configured to consume tokens with the name, namespace and value type specified.
Source=System.ServiceModel
LineNumber=0
LinePosition=0
StackTrace:
at System.ServiceModel.Security.WSSecurityTokenSerializer.ReadTokenCore(XmlReader reader, SecurityTokenResolver tokenResolver)
at System.IdentityModel.Selectors.SecurityTokenSerializer.ReadToken(XmlReader reader, SecurityTokenResolver tokenResolver)
at SamlHandlingTests.SamlTests.TestMethod1() in g:\Projects\mytempesub\Solution\SamlHandlingTests\SamlTests.cs:line 112
InnerException:
I have seen a post here (StackOverflow question), but the final resolution of doing things directly with XML doesn't suit me because I need to be able to run this up as a standard IdP-Initiated solution.
Therefore I have two questions:
Has anyone ever managed to overcome this error with WIF? (I don't need the WIF Extensions as I am only concerned with handling SAML2 tokens, not protocol.)
To use WIF in an IdP-Initiated environment, I understand, requires no configuration: I have simply set authentication off and I check the incoming token. However, I would prefer to check the token in the full WIF pipeline, but this then needs configuration. How can I configure WIF to function in this IdP-Initiated environment?
Many thanks
Brian
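One way to hand the assertion to the WIF 3.5 (Microsoft.IdentityModel) handler pipeline instead of WSSecurityTokenSerializer, as an added example that is not part of the question: the serializer is given the whole samlp:Response envelope, whereas the SAML2 handler expects to be positioned on the Assertion (or EncryptedAssertion) element inside it. The audience URI, issuer name and signing-certificate thumbprint are placeholders to be replaced with your own values.

```csharp
using System;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.Xml;
using Microsoft.IdentityModel.Claims;
using Microsoft.IdentityModel.Tokens;

public static class IdpInitiatedSamlValidator
{
    const string SamlpNs = "urn:oasis:names:tc:SAML:2.0:protocol";
    const string SamlNs  = "urn:oasis:names:tc:SAML:2.0:assertion";

    // responseXml: the decoded SAMLResponse form field posted by the IdP.
    // decryptionCert: the SP certificate with private key (only needed for EncryptedAssertion).
    // Returns the identities only after signature, issuer, audience and conditions are validated.
    public static ClaimsIdentityCollection Validate(string responseXml, X509Certificate2 decryptionCert)
    {
        var config = new SecurityTokenHandlerConfiguration();
        // Audience: reject assertions issued for another service provider (placeholder URI).
        config.AudienceRestriction.AllowedAudienceUris.Add(new Uri("https://sp.example.test/"));
        // Issuer: map the IdP signing certificate to an issuer name (placeholder thumbprint/name).
        var issuers = new ConfigurationBasedIssuerNameRegistry();
        issuers.AddTrustedIssuer("<IDP-SIGNING-CERT-THUMBPRINT>", "https://idp.example.test/");
        config.IssuerNameRegistry = issuers;
        // Decryption key for <saml:EncryptedAssertion>; the default CertificateValidator (chain trust) is kept.
        config.ServiceTokenResolver = SecurityTokenResolver.CreateDefaultSecurityTokenResolver(
            new ReadOnlyCollection<SecurityToken>(new List<SecurityToken> { new X509SecurityToken(decryptionCert) }),
            false);
        var handlers = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(config);

        // Keep whitespace (signature digests depend on it) and disable external entity resolution.
        var doc = new XmlDocument { PreserveWhitespace = true, XmlResolver = null };
        doc.LoadXml(responseXml);
        var ns = new XmlNamespaceManager(doc.NameTable);
        ns.AddNamespace("samlp", SamlpNs);
        ns.AddNamespace("saml", SamlNs);
        var assertion = doc.SelectSingleNode(
            "/samlp:Response/saml:EncryptedAssertion | /samlp:Response/saml:Assertion", ns);
        if (assertion == null)
            throw new SecurityTokenException("samlp:Response carries no Assertion");

        // Position the reader on the assertion itself, not on the protocol Response element.
        using (var reader = new XmlNodeReader(assertion))
        {
            reader.MoveToContent();
            SecurityToken token = handlers.ReadToken(reader);   // Saml2SecurityToken
            return handlers.ValidateToken(token);                // throws on any failed check
        }
    }
}
```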