Hi,
I have a Windows Identity Foundation based WCF service. I have issues with interoperability because it seems to be kind of hard to implement a PHP or Perl client for such a service due to all the WS-* protocols.
Currently it works like this:
Client authenticates at STS (using username and password) and receives SAML token containing required claims
Client accesses WCF service and provides SAML token with claims received by STS using WS-Federation
In the WCF service client is now authenticated.
I would like to make an alternative binding (but keep the existing federated binding) that would work like this:
Client contacts WCF service, sending username and password in HTTP or SOAP headers
WCF Service contacts STS using username and password (from headers) and retrieves required claims
(no ws-federation, or any other ws-* protocol)
Does anyone have a clue on what would be the best way of doing this?