php - Calling an ADFS service with a .pfx certificate -


i trying connect adfs soap service receive sts token. have been given .pfx , not have username or password. first service take .pfx , give me token. use token in subsequent service calls.

i given link: somecompany.com/adfs/services/trust/13/usernamemixed , wsdl. php's built in soap functionality doesn't seem support ws-* functionality don't believe can use wsdl normal soap call. simplesamlphp seems geared towards sps , idps rather consumers. have seen several other libraries looks call adfs service use usernames , passwords rather certificate.

the way have found looks work writing envelope , posting that, seems tedious when doing several different soap calls.

are there ways / libraries call adfs service consumer?

edit:

part of wsdl:

<wsp:policy wsu:id="certificatewstrustbinding_iwstrustfeb2005async_policy"> <wsp:exactlyone>   <wsp:all>     <sp:transportbinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">       <wsp:policy>         <sp:transporttoken>           <wsp:policy>             <sp:httpstoken requireclientcertificate="false"/>           </wsp:policy>         </sp:transporttoken>         <sp:algorithmsuite>           <wsp:policy>             <sp:basic256/>           </wsp:policy>         </sp:algorithmsuite>         <sp:layout>           <wsp:policy>             <sp:strict/>           </wsp:policy>         </sp:layout>         <sp:includetimestamp/>       </wsp:policy>     </sp:transportbinding>     <sp:endorsingsupportingtokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">       <wsp:policy>         <sp:x509token sp:includetoken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/includetoken/alwaystorecipient">           <wsp:policy>             <sp:requirethumbprintreference/>             <sp:wssx509v3token10/>           </wsp:policy>         </sp:x509token>         <mssp:rsatoken sp:includetoken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/includetoken/never" wsp:optional="true" xmlns:mssp="http://schemas.microsoft.com/ws/2005/07/securitypolicy"/>         <sp:signedparts>           <sp:header name="to" namespace="http://www.w3.org/2005/08/addressing"/>         </sp:signedparts>       </wsp:policy>     </sp:endorsingsupportingtokens>     <sp:wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">       <wsp:policy>         <sp:mustsupportrefkeyidentifier/>         <sp:mustsupportrefissuerserial/>         <sp:mustsupportrefthumbprint/>         <sp:mustsupportrefencryptedkey/>       </wsp:policy>     </sp:wss11>     <sp:trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">       <wsp:policy>         <sp:mustsupportissuedtokens/>         <sp:requirecliententropy/>         <sp:requireserverentropy/>       </wsp:policy>     </sp:trust10>     <wsaw:usingaddressing/>   </wsp:all> </wsp:exactlyone>  </wsp:policy>

another portion:

<wsp:policy wsu:id="issuedtokenwstrustbinding_iwstrustfeb2005async_policy"> <wsp:exactlyone>   <wsp:all>     <sp:transportbinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">       <wsp:policy>         <sp:transporttoken>           <wsp:policy>             <sp:httpstoken requireclientcertificate="false"/>           </wsp:policy>         </sp:transporttoken>         <sp:algorithmsuite>           <wsp:policy>             <sp:basic256/>           </wsp:policy>         </sp:algorithmsuite>         <sp:layout>           <wsp:policy>             <sp:strict/>           </wsp:policy>         </sp:layout>         <sp:includetimestamp/>       </wsp:policy>     </sp:transportbinding>     <sp:endorsingsupportingtokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">       <wsp:policy>         <sp:issuedtoken sp:includetoken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/includetoken/alwaystorecipient">           <sp:requestsecuritytokentemplate>             <t:keytype>http://schemas.xmlsoap.org/ws/2005/02/trust/publickey</t:keytype>             <t:encryptwith>http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</t:encryptwith>             <t:signaturealgorithm>http://www.w3.org/2000/09/xmldsig#rsa-sha1</t:signaturealgorithm>             <t:canonicalizationalgorithm>http://www.w3.org/2001/10/xml-exc-c14n#</t:canonicalizationalgorithm>             <t:encryptionalgorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:encryptionalgorithm>           </sp:requestsecuritytokentemplate>           <wsp:policy>             <sp:requireinternalreference/>           </wsp:policy>         </sp:issuedtoken>         <mssp:rsatoken sp:includetoken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/includetoken/never" wsp:optional="true" xmlns:mssp="http://schemas.microsoft.com/ws/2005/07/securitypolicy"/>         <sp:signedparts>           <sp:header name="to" namespace="http://www.w3.org/2005/08/addressing"/>         </sp:signedparts>       </wsp:policy>     </sp:endorsingsupportingtokens>     <sp:wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">       <wsp:policy>         <sp:mustsupportrefkeyidentifier/>         <sp:mustsupportrefissuerserial/>         <sp:mustsupportrefthumbprint/>         <sp:mustsupportrefencryptedkey/>       </wsp:policy>     </sp:wss11>     <sp:trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">       <wsp:policy>         <sp:mustsupportissuedtokens/>         <sp:requirecliententropy/>         <sp:requireserverentropy/>       </wsp:policy>     </sp:trust10>     <wsaw:usingaddressing/>   </wsp:all> </wsp:exactlyone>  </wsp:policy>


-

Comments

Post a Comment

Popular posts from this blog

c# - Binding a comma separated list to a List<int> in asp.net web api -

the default binder in web api expecst http://url.com/webapi/report/?pageids=3243&pageids=2365 to bind public ihttpactionresult report(list<int> pageids){ // exciting webapi code} i wish bind http://url.com/webapi/report/?pageids=3243,2365 as running out of space in url get . i have created class public class commaseparatedmodelbinder : system.web.http.modelbinding.imodelbinder { public bool bindmodel(httpactioncontext actioncontext, modelbindingcontext bindingcontext) { //binding in here } } and registered in webapiconfig.cs var provider = new simplemodelbinderprovider( typeof(list<int>), new commaseparatedmodelbinder()); config.services.insert(typeof(modelbinderprovider), 0, provider); i have altered method signature use model binder so public ihttpactionresult report( [modelbinder] list<int> pageids){ // exciting webapi code} however break point in binder not being ...
Read more

how to prompt save As Box in Excel Interlop c# MVC 4 -

i want export excel sheet using excel interloop... i have datatable convert excel sheet... now there way save file using save dialogue box in mvc 4 here code public string datatabletoexcel(datatable dt, string htmlheading, string key) { try { microsoft.office.interop.excel.application excel; microsoft.office.interop.excel.workbook excelworkbook; microsoft.office.interop.excel.worksheet excelsheet; microsoft.office.interop.excel.range excelcellrange; excel = new microsoft.office.interop.excel.application(); excel.visible = false; excel.displayalerts = false; excelworkbook = excel.workbooks.add(type.missing); excelsheet = (microsoft.office.interop.excel.worksheet)excelworkbook.activesheet; excelsheet.name = "sheet1"; dataset ...
Read more

xslt 1.0 - How to access or retrieve mets content of an item from another item? -

my use case have item has link in item. example, item 123456789/152 has metadata field dc.relation.hasversion=123456789/717 . within item view of 123456789/152 , how can retrieve values of metadata of 123456789/717 ? example, want retrieve dc.language.iso value of 123456789/717 123456789/152 . i looked @ related items feature in dspace don't know how metadata displayed in related items list pulled items in list. i using dspace version 5.3 mirage 2 theme . edit based on schweerelos answer, below actual code. using custom metadata field dc.relation.languageversion . basically, want link other version instead of displaying value, display dc.language.iso of other version in item-view.xsl . i've incorporated answer of schweerelos question in code just displaying value of dc.relation.languageversion . sample values of dc.relation.languageversion 10665.1/9843 ; 10665.1/9844 ie not complete uri handle. thanks in advance! actual code <xsl:template name=...
Read more