I wrote this small single file aspx utility that can be dropped in a asp.net website. The utility will allow the user to view the claims within the token.
It can often be a problem to trace problems with SAML as WS-Federation. Here are some plugins that I have found that can make your live easier.
Within the enterprise arena it is common to have a Identity provider for the organization. In this post I have a brief look at the industry standard protocols.
Invalid Base64 characters? Invalid XML? Anyone that has had to work with these FedAuth tokens would have experienced errors with the format of the FedAuth tokens.
In the following example i will show how to build an Identity Provider also called a passive security token service (IP-STS) that issues tokens using WS-Federation. This post builds on work done in a previous post, Create your own active STS. a complete working copy of the passive sts skeleton with full source is downloadable from here.… Read More »
Figured that I would start a post dealing specifically with all the terms we find in the Identity world. Ill add to this post as time goes on…
I created a windows forms application sample that can assist with decoding to FedAuth tokens captured from tools like Fiddler, source is included. It is downloadable from this link.
Started playing around with our new Identity provider at work. Its in PoC form at this stage. Build with the help of the Identity 3.0 templates and asp.net core.
A passive STS (IP-STS) is a website that issues a token and uses the browser to direct the flow of the application through redirects. The following example will be integrating a website with a passive STS that issues tokens using the WS-Federation standard. Click here if you wish to see how to create your own passive STS.
The following example uses an active security token service (A-STS) that issues tokens using the WS-Trust standard. The type of STS discussed in this post is called a Active STS OR A-STS, it refers to the client that is actively in control of its own authenticated state. This client will typically have its own login window build into the… Read More »