WCF routing service + WIF security + SL = grief

Question

Scenario:

I've got an web app that hosts a silverlight app. Silverlight is using the web app to call wcf services. I also have WIF for federated authentication in the mix so the first thing the web app does is it redirects you the the STS to login. Once you login successfully you get a token that is wrapped in an http cookie and sent to the browser.

All the wcf services are hidden behind the wcf 4 routing service which depending on some predefined filters routes the requests to the appropriate services. Silverlight talks to the services using the routing service(using httpBinding).

What I am trying to do is to flow the original identity(contained in the http cookie) through to the internal wcf services.

This is a vast subject I know but if anybody can provide any input it would be greatly appreciated.

UPDATE: I have been working with WIF for a while now and figured this out. I basically obtain the xml token from the home website and then include it in the SOAP headers before calling the services.

Answer 1

The best thing in this case is to actually request a token from within your Silverlight application. Take a look at this link http://blogs.msdn.com/b/vbertocci/archive/2010/03/15/identity-developer-training-kit-march-2010-update-wif-silverlight-wif-wcf-on-windows-azure.aspx

Inside the toolkit is a set of libraries required for communicating with a STS as well as patterns for passing an issued token to a WCF service.