subtle interworking issues…imposed by ACS


comparing ACS working and ACS not working messages

we can make it work when we get the SOAP and addressing version right (for wstrust13):


So, when talking to ACS note the messaging version requirements:


Now that we FINALLY understand how to augment the clientcredentials structure so it can offer “RSASecurityTokens” and insert a tokenmanager that works with a “securitytokenprovider” to deliver the RSA signing key at the right time to the messaging pipeline of WCF, its all looks relatively simple.

But of course, it was a nightmare getting here.



Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!
This entry was posted in SSO. Bookmark the permalink.