c# - WIF identity delegation to WebAPI REST service -


i have read article: identity delegation ad fs 2.0 step-by-step guide on how perform identity delegation using wif asp.net application end wcf service. have asp.net webapi rest service want able call asp.net application using identity delegation, cannot find information on how accomplish this. mentioned technet article uses createchannelactingas create channel wcf service using calling user's security token, method not applicable rest api. can point me articles or provide description of how can delegate identity using wif rest service?

my webapi rest service application set , working using wif authentication of this library thinktecture.

i found solution (i using thinktecture identity server). had set delegation account web application uses (webappaccount) delegate realm service in going identity delegation->add realm in identity server, , in web application had make service call sts providing bootstrap token receive new security token can use authenticate service.

in web app config set:

<system.identitymodel>     <identityconfiguration savebootstrapcontext="true">

and in web app code access service looks like:

bootstrapcontext context = claimsprincipal.current.identities.first().bootstrapcontext bootstrapcontext;  var factory = new wstrustchannelfactory(     new usernamewstrustbinding(securitymode.transportwithmessagecredential), _trusturl); factory.trustversion = trustversion.wstrust13;  factory.credentials.username.username = "webappaccount"; factory.credentials.username.password = "p@ssword";  var rst = new requestsecuritytoken {     requesttype = requesttypes.issue,     keytype = keytypes.bearer,     appliesto = new endpointreference(_realm),     actas = new securitytokenelement(context.securitytoken) };  var token = factory.createchannel().issue(rst) genericxmlsecuritytoken;  var client = new httpclient {     baseaddress = _baseaddress };  client.settoken("saml", token.tokenxml.outerxml);  var response = client.getasync("api/values").result;

my rest service did not require changes.


Comments

Post a Comment

Popular posts from this blog

javascript - RequestAnimationFrame not working when exiting fullscreen switching space on Safari -

request animation frame stops working when exiting fullscreen clicking on original space's safari window. fine if fullscreen mode canceled escape key or calling cancelfullscreen(). steps reproduce: open https://dl.dropboxusercontent.com/u/769042/prezi/safari-fullscreen.html click "draw raf", kittie appears click "fullscreen", go fullscreen click "draw raf", kittie appears go space original safari was, showing "click exit fullscreen mode", click anywhere, out fullscreen click "draw raf", nothing happens what handling click calling: window.requestanimationframe(draw); which draws on canvas context: function draw() { ctx.drawimage(img, math.random()*500|0, math.random()*400|0, 100, 100); } i checked .hidden , .visibilitystate, updated correctly. tested on osx 10.9.3, safari 7.0.4 (9537.76.4). has workaround/solution other switching old settimeout? this sounds webkit bug 88940 : using reque
Read more

Python ctypes access violation with const pointer arguments -

i have api i'm trying wrap in python (2.7.6 on win7) code using ctypes. here's api: client_dllfunc bool clientapi search_exporttoclipcopy(clienthsearch handle, int channel, lpctstr filename, const time_t& from, const time_t& to, const bool* cameras, int length, bool usepassword, lpctstr password, bool includetextin = false, bool excludeplayer = false); the issue i'm having cameras argument; , i've had issue other const pointer arguments well. here's how i'm wrapping api: def search_exporttoclipcopy(self, hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, password, includetextin=true, excludeplayer=false): exporttoclipcopy = self.sdkdll.search_exporttoclipcopy exporttoclipcopy.argtypes = [c_int, c_int, c_wchar_p, c_long, c_long, pointer(c_bool), c_int, c_bool, c_wchar_p, c_bool, c_bool] exporttoclipcopy.restype = c_bool exporttoclipcopy(hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, pass
Read more