INauseous() Shawn Cicoria - Solution Architect, Craftsman and Artisan - INauseous() - Main Blog Here: www.Cicoria.com

Disclaimer: Use at your own risk – no warranties are granted or implied

If you’ve worked with Windows Identity Foundation (WIF) without the help of ADFS 2.0, you’ll run into situations where you need to generate or regenerate the metadata used for federation.

Additionally, while WIF supports SAML tokens, it does not support the SAML Passive Requestor protocol (urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST); you get that with ADFS 2.0.

So, I needed the ability to quickly generate metadata and regenerate it as needed. I created a very simple tool – hacked in a few hours – that uses the metadata serialization support in WIF (MetadataSerializer) to generate the metadata.

So, this tool will generate the following metadata:

Download

SAML IdP and SP

  • IDPSSODescriptor "urn:oasis:names:tc:SAML:2.0:protocol"
  • SPSSODescriptor "urn:oasis:names:tc:SAML:2.0:protocol"

And WS-Federation

  • http://docs.oasis-open.org/wsfed/federation/200706

The tool uses a PropertyGrid bound to the types that drive generation. To read the certificate private key it needs permissions – if you run elevated, you should have access.
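The generation step described above, as an added example that is not the tool's own source: it uses WIF's `MetadataSerializer` (WIF 3.5, `Microsoft.IdentityModel.dll`, plus `System.IdentityModel.dll` and `System.ServiceModel.dll`) to write signed metadata carrying a WS-Federation role and a SAML 2.0 `IDPSSODescriptor`. The issuer URI, endpoint URL, certificate subject, class name and output file name are placeholder assumptions.

```csharp
using System;
using System.IO;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using Microsoft.IdentityModel.Protocols.WSFederation.Metadata;
using Microsoft.IdentityModel.SecurityTokenService;

static class MetadataExample
{
    // Placeholder values (assumptions, not taken from the original post).
    const string Issuer = "https://sts.example.test/";
    const string SigningSubject = "CN=sts.example.test";
    static void Main()
    {
        var credentials = new X509SigningCredentials(LoadSigningCertificate());
        var signingKey = new KeyDescriptor(credentials.SigningKeyIdentifier) { Use = KeyType.Signing };
        var endpoint = new Uri(Issuer + "issue");

        // WS-Federation role; the protocol URI is the one listed in the post.
        var sts = new SecurityTokenServiceDescriptor();
        sts.ProtocolsSupported.Add(new Uri("http://docs.oasis-open.org/wsfed/federation/200706"));
        sts.SecurityTokenServiceEndpoints.Add(new EndpointAddress(endpoint));
        sts.PassiveRequestorEndpoints.Add(new EndpointAddress(endpoint));
        sts.Keys.Add(signingKey);

        // SAML 2.0 identity provider role (IDPSSODescriptor).
        var idp = new IdentityProviderSingleSignOnDescriptor();
        idp.ProtocolsSupported.Add(new Uri("urn:oasis:names:tc:SAML:2.0:protocol"));
        idp.SingleSignOnServices.Add(new ProtocolEndpoint(new Uri("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"), endpoint));
        idp.Keys.Add(signingKey);
        var entity = new EntityDescriptor(new EntityId(Issuer));
        entity.RoleDescriptors.Add(sts);
        entity.RoleDescriptors.Add(idp);
        entity.SigningCredentials = credentials; // the serializer signs the document with this key
        using (var file = File.Create("FederationMetadata.xml"))
            new MetadataSerializer().WriteMetadata(file, entity);
    }

    static X509Certificate2 LoadSigningCertificate()
    {
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        var found = store.Certificates.Find(X509FindType.FindBySubjectDistinguishedName, SigningSubject, true);
        store.Close();
        // HasPrivateKey does not prove this process is allowed to read the key (see the permissions note above).
        if (found.Count != 1 || !found[0].HasPrivateKey) throw new InvalidOperationException("Expected exactly one valid certificate with a private key.");
        return found[0];
    }
}
```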


Posted on Wednesday, August 18, 2010 10:14 PM .NET, Utilities


Comments on this post: Federation Metadata Generation Tool

# re: Federation Metadata Generation Tool
very nice!
had to tweak it for activests but seems to work.
thanks a lot and kind regards,
marcel
Left by Marcel on Aug 23, 2010 9:59 AM
