Hi,
I managed to get SSO to an old style ASMX Web Service working by using the WS Federation flow with a SAML Assertion from ADFS. Then I get a FedAuth cookie I am using for further calls to the ASMX Web Services . That works nicely. So basically I followed this approach:http://www.huggill.com/2012/02/04/claims-proxy-a-c-sharp-library-for-calling-claims-protected-web-services/
But I have to call WCF Web Services hosted on Sharepoint 2010. How do I authenticate here? I have two ideas.
- Just reuse the FedAuth cookie. Will this work for WCF Web Services as well? There are several sites online that give me the impression that it won’t. This is one of the sites: http://blogs.technet.com/b/speschka/archive/2011/08/07/using-saml-claims-sharepoint-wcf-claims-to-windows-token-service-and-constrained-delegation-to-access-sql-server.aspx
- Changing the binding of the WCF services to in a way that it can accept issued SAML assertions. I put in a custom binding with an IssuedTokenOverTransport security setting as I am used to with WCF services. However on startup of the WCF service host Sharepoint tells me that the custom binding I use does not perform a user impersonation. The service host does not come up…
So both ideas don’t seem to work. What’s the right approach? Will it be different for Sharepoint 2013?
thx EssE