
A newer version of this resource is available here

OIOIDWS.Net 2.0.0


This reference implementation is based on the OIOIDWS 1.0.1a profile.

OIOIDWS defines five scenarios, but only "Scenario 2: STS issued identity token" and "Scenario 5: Rich client and external IdP / STS" are supported in this version. These are also referred to as the "Bootstrap scenario" and the "Signature case".

The toolkit has only been tested with encrypted SAML assertions of type holder-of-key.

The toolkit is accessible through NuGet. Please read the readme.txt file that will appear after downloading the package. The packages will, now and in the future, only be available at nuget.org.

The source code, including running examples, is available at Softwarebørsen. Please read https://svn.softwareborsen.dk/OIOIDWS/trunk/readme.html on how to get started.

New versioning strategy has been applied

All components will now have the same version number. This has been done for two reasons:

- It will be easier to see which components work together. Components with the same version number are guaranteed to work together.

- The components share the same code base. Hence, it makes sense to apply the same version number to each component, which also makes it easier to see which version of the code in the SCM corresponds to a given version of each component.

Release notes OIOIDWS.WSC SOAP (Digst.OioIdws.Wsc)

- (Breaking change): ITokenService is renamed to IStsTokenService and TokenService to StsTokenService. StsTokenService is now independent of a configuration framework. However, TokenServiceConfigurationFactory.CreateConfiguration() can be used to fetch configuration from a config file.

- Added a new implementation, StsTokenServiceCache, of IStsTokenService that supports caching of an STS token for the duration of its lifetime.

- Added support for the Bootstrap token scenario. Use ITokenService.GetTokenWithBootstrapToken to retrieve an STS token based on a bootstrap token from the NemLog-in IdP. See also the Digst.Oioidws.WscBootstrapExample example for usage.

- Added maxReceivedMessageSize configuration property to the LIBBAS binding. This allows for overriding the default message size of 64 kB.

- Fixed problem with adding configSections if it did not exist. It is now added as the first child element if it was not present.

- Upgrading NuGet package will no longer remove existing configuration.

Release notes OIOIDWS.WSP SOAP (Digst.OioIdws.Wsp)

- Added maxReceivedMessageSize configuration property to the LIBBAS binding. This allows for overriding the default message size of 64 kB.

- Fixed problem with adding configSections if it did not exist. It is now added as the first child element if it was not present.

- Upgrading NuGet package will no longer remove existing configuration.

Release notes OIOIDWS.WSC REST (Digst.OioIdws.Rest.Client)

- Uses StsTokenServiceCache, which supports caching of an STS token for the duration of its lifetime, as default. Can be configured by setting the OioIdwsStsSettings.UseTokenCache property.

- Added two new implementations, AccessTokenService and AccessTokenServiceCache, of IAccessTokenService, where AccessTokenServiceCache supports caching of an access token for the duration of its expiration time. AccessTokenServiceCache is now default. Can be configured by setting the OioIdwsClientSettings.UseTokenCache property.

- Added support for the Bootstrap token scenario. Use the new constructor OioIdwsClient(OioIdwsClientSettings settings, SecurityToken bootstrapToken) to retrieve an STS token based on a bootstrap token from the NemLog-in IdP. See also the Digst.Oioidws.WscBootstrapExample example for usage.

- (Breaking change) Removed configuration option DisableClientSideExpirationValidation on OioIdwsRequestHandler as it was hard to see a real use scenario.

Release notes OIOIDWS.WSP REST (Digst.OioIdws.Rest.Server)
- No changes since last release


Error when trying to use OIOIdws without an app.config/web.config

Hans Milling

Hi Kasper

I am trying to use the OIOIdws component as a module in another program. I therefore do not have an app.config/web.config that I have access to add the various sections to.
When I try to call StsTokenService.GetToken I get the following exception:
The type {OPTIONAL} is not available for the logging. Please check the type name and assembly'

How do I specify "no" logger without having an app.config? I am not interested in the component doing any kind of logging.
I then downloaded the source code and removed the logging so I could move on.
But then I get a new exception:
SOAP signature recieved from STS does not validate!

What does that error mean?

My code for the TokenService looks like this:
StsTokenServiceConfiguration cfg = new StsTokenServiceConfiguration();
cfg.StsCertificate = stsCertificate;
cfg.StsEndpointAddress = "https://SecureTokenService.nemlog-in.dk/SecurityTokenService.svc";
cfg.TokenLifeTimeInMinutes = 60;
cfg.WspEndpointId = "https://saml.sts-prod-bbr.dk";
// Load the function certificate
cfg.ClientCertificate = Digst.OioIdws.Wsc.OioWsTrust.CertificateUtil.GetCertificate(StoreName.My, StoreLocation.CurrentUser, X509FindType.FindByThumbprint, "ea97a7fbf4598da7d01901d5425c7a616a6b42a5");
IStsTokenService stsTokenService = new StsTokenService(cfg);
var securityToken = stsTokenService.GetToken();

It is the last line that fails.

I hope you can help, or point me to someone who can?

Regards, Hans Milling...

Hi Hans

You simply remove oioIdwsLoggingConfiguration from the app.config file if you do not want any kind of logging. If oioIdwsLoggingConfiguration is not specified, the implementation will simply default to using System.Diagnostics.TraceSource.

Regarding "SOAP signature recieved from STS does not validate": it means that the RSTR response from the STS could not be validated with the specified STS certificate. Have you double-checked that the right certificate is configured?

Regards

Kasper Møller
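
One way to run the certificate double-check suggested in the reply above, as an added example that is not part of the original thread or of the OIOIDWS toolkit. The class name, the command-line thumbprint argument and the store name and location are assumptions; it prints what is actually installed so it can be compared with the signing certificate published for the STS.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

static class StsCertificateCheck   // hypothetical helper, not a toolkit class
{
    // Thumbprints pasted from the Windows certificate dialog can contain spaces and an
    // invisible U+200E mark; keep only hex digits so the store lookup does not miss.
    static string Normalize(string thumbprint)
    {
        return new string(thumbprint.Where(c => Uri.IsHexDigit(c)).ToArray()).ToUpperInvariant();
    }

    static X509Certificate2 Load(StoreName name, StoreLocation location, string thumbprint)
    {
        var store = new X509Store(name, location);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // validOnly: false, so an expired or untrusted certificate is found and reported.
            X509Certificate2Collection hits = store.Certificates.Find(
                X509FindType.FindByThumbprint, Normalize(thumbprint), false);
            if (hits.Count != 1)
                throw new InvalidOperationException("Expected one certificate, found " + hits.Count);
            return hits[0];
        }
        finally { store.Close(); }
    }

    static int Main(string[] args)
    {
        if (args.Length != 1) { Console.Error.WriteLine("usage: StsCertificateCheck <thumbprint>"); return 2; }

        // Assumption: the STS certificate is installed in CurrentUser\TrustedPeople.
        X509Certificate2 sts = Load(StoreName.TrustedPeople, StoreLocation.CurrentUser, args[0]);
        DateTime now = DateTime.UtcNow;
        bool inValidity = now >= sts.NotBefore.ToUniversalTime() && now <= sts.NotAfter.ToUniversalTime();

        Console.WriteLine("Subject:    " + sts.Subject);
        Console.WriteLine("Issuer:     " + sts.Issuer);
        Console.WriteLine("Thumbprint: " + sts.Thumbprint);
        Console.WriteLine("Not after:  " + sts.NotAfter.ToUniversalTime().ToString("u"));
        Console.WriteLine("Public key: " + sts.PublicKey.Oid.FriendlyName);
        Console.WriteLine(inValidity ? "Validity:   OK" : "Validity:   EXPIRED OR NOT YET VALID");
        return inValidity ? 0 : 1;
    }
}
```

If the subject or thumbprint printed here does not belong to the STS signing certificate, or the lookup finds none, the value assigned to cfg.StsCertificate is the first thing to correct.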

Hi Kasper

I don't understand that. If I look in LoggerFactory.cs in version 2.0 of your OIOIdws component, it specifically throws an exception if the section is not found in the .config file. In other words, it is not possible to use the component without a .config file.

I have double-checked the certificates, and they appear to be the right ones. It works if I run your component with a .config file, but if I try without one I get an error when I request the STS token.
I have written a small test program of just a few lines that fails. If you give me your e-mail address, I can send the source code, and then maybe you can see why it doesn't work?

By the way, is this where all inquiries about OIOIdws should go, or do you have a support e-mail/hotline?

Regards, Hans Milling?

Thanks for the help, I checked out the latest version of OIOIdws again. It works there. I'm not sure what I had checked out before.