tags:

views:

87

answers:

1
Q: 

Programmatically creating a client proxy for a WIF-secured WCF Service

Folks,

Here's what I've done so far:

1) Created an ASP.NET MVC relying party application and secured it with ADFS v2.0. This works.

2) Created a WCF Service using the Claims-Aware service template for an ASP.NET website. I've turned ASP.NET compatibility for the service ON because the service wouldn't activate otherwise. I've moved the interface for said service to a 'SharedContracts' assembly.

3) Set up the WCF service as a relying party using the "Add STS" reference, also pointing at my ADFS server.

4) Configured the ADFS server to include the WCF service as a relying party and issue it LDAP claims.

What I want to do now is talk to the service using ActAs. In other words, when someone hits HomeController.Index() from the ASP.NET MVC site with a token full of claims (remember the MVC site is a relying party), I want this method to programmatically create a client proxy and invoke the single service method I have on the WCF service (a method called "HelloClaim", which is nearly identical to the stock method that comes with the claims-aware service template).

Here's the code I've got so far:

[ValidateInput(false)]
public ActionResult Index()
{
  SecurityToken callerToken = null;

  IClaimsPrincipal claimsPrincipal = Thread.CurrentPrincipal as IClaimsPrincipal;
  if (claimsPrincipal != null)
  {
    foreach (IClaimsIdentity claimsIdentity in claimsPrincipal.Identities)
    {
      if (claimsIdentity.BootstrapToken is SamlSecurityToken)
      {
        callerToken = claimsIdentity.BootstrapToken;
        break;
      }
    }

    string baseAddress = "http://khoffman2/SecureServices/Service.svc";

    ChannelFactory<IHelloClaim> factory = new ChannelFactory<IHelloClaim>(new WebHttpBinding(), new EndpointAddress(baseAddress));
    factory.ConfigureChannelFactory<IHelloClaim>();
    IHelloClaim hello = factory.CreateChannelActingAs<IHelloClaim>(callerToken);

    string result = hello.HelloClaim();
    ViewData["Message"] = "Welcome to ASP.NET MVC!";
  }



  return View();
}

When I attempt to invoke the method, I get the following error message:

Manual addressing is enabled on this factory, so all messages sent must be pre-addressed.

I'm pretty sure I'm just not doing enough to configure the binding and the endpoint programmatically. If any of you have done this before or you know how to do it, I would love to be able to get this working.

Bottom line is I'm just making use of the basic identity delegation scenario - the only difference is I'm not using generated client proxies.

Thanks!!

A: 

Take a look at this guide over at TechNet as it has a walkthrough on how to setup the scenario you've described:

http://technet.microsoft.com/en-us/library/adfs2-identity-delegation-step-by-step-guide(WS.10).aspx

In their example, I believe they are using standard WebForms, but in the case of MVC you can put the ChannelFactory initialization within the Global.asax within the Application_Start.

MattK  2010-08-18 18:03:14

related questions

Dynamic programming with WCF
WCF Service Returning "Method Not Allowed"
Exceptions in Web Services
What SPN do I need to set for a net.tcp service?
How do I unit test a WCF service?
Best practices for versioning your services with WCF?
Lazy Loading with a WCF Service Domain Model?
How many ServiceContracts can a WCF Service have?
How can I authenticate using client credentials in WCF just once?
WCF - Domain Objects and IExtensibleDataObject
InvalidOperationException while creating wcf web service instance
Closing and Disposing a WCF Service
What WCF best practices do you follow in object model design?
WCF push to client through firewall?
Loading System.ServiceModel configuration section using ConfigurationManager
I would like some tips for debugging WCF Web Service exceptions
What's the best way to authenticate over WCF?
Good Reads for Distributed Systems
.Net - Returning DataTables in WCF
What is the easiest way to add compression to WCF in Silverlight?
WCF Backward Compatibility Issue
Best Practices for securing a REST API / web service
Web Services -- WCF vs. Standard
C# WCF Service - Backward compatibility issue
WCF - High availability