I have WinForms and ASP.Net applications that need to access WCF Web and Data services using a SAML token.
I've been looking at Windows Identity Foundation (WIF) to enable the WCF service to use SAML tokens from an STS-IP.
On the client, do I make a call to the STS and get a SAML token, then pass the token to the WCF service? if so, how do I get the token then pass it to WCF?
or
Does the client pass the credentials (username/password) of the user to the WCF web service, which gets a SAML token and does its thing?
My understanding is WCF Data Services uses REST. So how does SAML work with REST?