
I've been working on a disconnected WCF system with a web front end that needs to authenticate against an RP using Windows Identity Foundation. The basic setup is as follows:

RP (+ claims) -> Web Front End -> WCF Services(~)

The WCF needs to make sure that the user logged in is on the RP and has the claims required to do particular actions.

I am having problems calling the WCF service from the Web Front End and still having the authorisation and claims, originally retrieved from the RP, available.

Basically, I can't access the RP claims from the WCF when the WCF is called by the web front end.

Neil Highley
  • I keep getting the login.aspx page from the RP, when I call it with the WCF service to authorise, as it's the same one used by the web front end. – Neil Highley Jun 07 '11 at 11:30
  • Are the RP claims populated by an AuthenticationManager in the RP or are they provided by the STS? If you are wanting to delegate claims, then the communication between the web front end and the WCF service will still go back to the STS to get the delegated claim set. – Rory Primrose Jun 07 '11 at 13:20
  • They're populated alongside the Authentication in the STS/RP. I've tried ActAs from the WCF service, using the token from the Web front end, but the Login page still gets returned when I request the claims from the STS. – Neil Highley Jun 07 '11 at 13:35
  • I've managed to get the token passed by adding it to the request header (using IDispatchMessageInspector) on all subsequent calls. I do lose the claims doing it this way. So I may not be totally there yet.. http://blogs.msdn.com/b/skaufman/archive/2009/05/29/exposing-custom-wcf-headers-through-wcf-behaviors.aspx and http://stackoverflow.com/questions/964433/how-to-add-a-custom-header-to-every-wcf-calls – Neil Highley Jul 01 '11 at 09:51

0 Answers