Hello,
Summary:
My passive STS redirect for browser clients appears to be interfering with an active WCF service that wants to invoke an operation on a service hosted on the same site.
Details:
I have an ASP.NET 4.0 website that's hosting a Silverlight application, to which my users authenticate by being redirected to a passive STS. This site also hosts a number of WCF (.svc) services, which may be called by the Silverlight cilent via one endpoint (basicHttpBinding), or via other services via a separate endpoint - ideally using an ActAs token.
So the basic scenario is this:
Client connects to the site unauthenticated and is redirected to a PassiveSTS which uses Windows Authentication to generate a Security Token. He then presents this back at the site, and is allowed to download the Silverlight client. He then makes requests to some services hosted at the same location (no cross domain policies, etc). Some of these services may need to invoke other services (again at the same site) acting as him. After the second service has spoken to an Active ActAsSTS and is ready to make the call to the service, IIS appears to jump in and try to redirect the call to the PassiveSTS.
When making the call to the second service, I get the following exception:
The content type text/html; charset=utf-8 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8).
If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly.
The first 1024 bytes of the response were: '<html><head><title>Working...</title></head><body><form method="POST" name="hiddenform"...
etc.
so my ActingAsChannel is freaking out.
Has anybody got any idea what I'm doing wrong, or what other information would be required to help troubleshoot this? I guess I could host my services at a different location, but I don't want to have to deal with cross domain policies, etc. if I don't have to.
Thanks
Terence