STS seems to ignore the (w)reply attribute.

Oct 1, 2010 at 12:51 PM

I created a prototype that is calling STS generated by Visual Studio 2010 (Add STS Reference).

My prototype seems to work correctly.

However STS seems to ignore the  reply  attribute. STS continues to redirect to the realm url. (see below)

Probably I need to add/change the coding in the STS to do the redirect.

Can anybody help me with this?

Thanks,

Wim Denayer.

<federatedAuthentication>         <wsFederation passiveRedirectEnabled="true" issuer="https://localhost/ClaimsEnableWebSiteEx01_End_STS/" realm="https://localhost/ClaimsEnableWebSiteEx01_3_End/" requireHttps="true" reply="https://localhost/ClaimsEnableWebSiteEx01_3_End/default2.aspx" />

        <cookieHandler requireSsl="true" />

      </federatedAuthentication>

Coordinator
Oct 1, 2010 at 12:56 PM

You have to change the GetScope method in the STS to this. This way, if the RST comes with the wreply, the STS will honor it.

if (string.IsNullOrEmpty(request.ReplyTo))
            {
                scope.ReplyToAddress = scope.AppliesToAddress;
            }
            else
            {
                scope.ReplyToAddress = request.ReplyTo;
            }

Matias

Oct 1, 2010 at 1:12 PM

Hello Matias,

I have added your code.

The STS is still redirecting to realm instead of the wreply URL.

I added a breakpoint to be sure scope.ReplyToAddress is assigned to correct value (request.ReplyTo) but redirecting fails.

Do you have any other suggestion for me?

 

Thanks,

Wim Denayer.

Coordinator
Oct 1, 2010 at 1:28 PM

Use a tool like Fiddler (you have to change localhost with your machine name in the config) or an addon for FireFox like HttpHook. That will give you an idea of what is happening on the wire. If you used that code in the STS it should work.

Matias

 

Oct 13, 2010 at 12:26 PM

Hello Mathias,

I created a very simple web site with 2 aspx pages, default.aspx and default2.aspx. To keep things simple I use HTTP without certificates.

Then I added STS generated by visual studio and I added your coding to the GetScope Methode to do the redirect to default2.aspx.

In Fiddler I see that STS is doing a POST to Default2.aspx (which is great) but then a GET is done to default.aspx.

Why is there a GET to Default.aspx after the POST to Default2.aspx

Any ideas

Thanks,

Wim Denayer.

 

http://brudev2008/junkClaimsEnableWebSiteEx01/Default.aspx
http://brudev2008/junkClaimsEnableWebSiteEx01_STS/?wa=wsignin1.0&wtrealm=http%3a%2f%2fbrudev2008%2fjunkClaimsEnableWebSiteEx01%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fjunkClaimsEnableWebSiteEx01%252fDefault.aspx&wct=2010-10-13T11%3a57%3a00Z&wreply=http%3a%2f%2fbrudev2008%2fjunkClaimsEnableWebSiteEx01%2fdefault2.aspx
http://brudev2008/junkClaimsEnableWebSiteEx01_STS/Login.aspx?ReturnUrl=%2fjunkClaimsEnableWebSiteEx01_STS%2f%3fwa%3dwsignin1.0%26wtrealm%3dhttp%253a%252f%252fbrudev2008%252fjunkClaimsEnableWebSiteEx01%252f%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252fjunkClaimsEnableWebSiteEx01%25252fDefault.aspx%26wct%3d2010-10-13T11%253a57%253a00Z%26wreply%3dhttp%253a%252f%252fbrudev2008%252fjunkClaimsEnableWebSiteEx01%252fdefault2.aspx&wa=wsignin1.0&wtrealm=http%3a%2f%2fbrudev2008%2fjunkClaimsEnableWebSiteEx01%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fjunkClaimsEnableWebSiteEx01%252fDefault.aspx&wct=2010-10-13T11%3a57%3a00Z&wreply=http%3a%2f%2fbrudev2008%2fjunkClaimsEnableWebSiteEx01%2fdefault2.aspx
http://brudev2008/junkClaimsEnableWebSiteEx01_STS/Login.aspx?ReturnUrl=%2fjunkClaimsEnableWebSiteEx01_STS%2f%3fwa%3dwsignin1.0%26wtrealm%3dhttp%253a%252f%252fbrudev2008%252fjunkClaimsEnableWebSiteEx01%252f%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252fjunkClaimsEnableWebSiteEx01%25252fDefault.aspx%26wct%3d2010-10-13T11%253a57%253a00Z%26wreply%3dhttp%253a%252f%252fbrudev2008%252fjunkClaimsEnableWebSiteEx01%252fdefault2.aspx&wa=wsignin1.0&wtrealm=http%3a%2f%2fbrudev2008%2fjunkClaimsEnableWebSiteEx01%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fjunkClaimsEnableWebSiteEx01%252fDefault.aspx&wct=2010-10-13T11%3a57%3a00Z&wreply=http%3a%2f%2fbrudev2008%2fjunkClaimsEnableWebSiteEx01%2fdefault2.aspx
http://brudev2008/junkClaimsEnableWebSiteEx01_STS/?wa=wsignin1.0&wtrealm=http%3a%2f%2fbrudev2008%2fjunkClaimsEnableWebSiteEx01%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fjunkClaimsEnableWebSiteEx01%252fDefault.aspx&wct=2010-10-13T11%3a57%3a00Z&wreply=http%3a%2f%2fbrudev2008%2fjunkClaimsEnableWebSiteEx01%2fdefault2.aspx
http://brudev2008/junkClaimsEnableWebSiteEx01/default2.aspx
http://brudev2008/junkClaimsEnableWebSiteEx01/Default.aspx

May 11, 2011 at 5:25 AM

Was this issue resolved? I'm experiencing the same issue.

Jul 8, 2011 at 5:02 PM

This happens because of the RequestValidator not being present. Add the SampleRequestValidator.cs which is added as part of the project when created using VS2010.