Windows Identity Foundation 不正式支持 SAML 2.0；使用 WIF CTP 还是坚持使用 SAML 1.1? [英] Windows Identity Foundation does not officially support SAML 2.0; use WIF CTP or stick with SAML 1.1?

问题描述

我们希望将 SAML 2.0 用于单点登录解决方案.作为典型的微软商店，我们更喜欢尽可能使用微软组件.Windows Identity Foundation 支持 SAML 2.0，但该扩展仍处于社区技术预览 (CTP) 中一年多，没有任何关于未来课程的信息.见 http://blogs.msdn.com/b/alikl/archive/2011/05/16/windows-identity-foundation-wif-extension-for-saml-2-0-protocol-community-technology-preview-ctp.aspx

We would like to use SAML 2.0 for a Single Sign On solution. As a typical Microsoft shop, we prefer to use Microsoft components as much as possible. Windows Identity Foundation supports SAML 2.0, but the extension is still in Community Technology Preview (CTP) for more than a year, with no information anywhere on future course. See http://blogs.msdn.com/b/alikl/archive/2011/05/16/windows-identity-foundation-wif-extension-for-saml-2-0-protocol-community-technology-preview-ctp.aspx

我看到了 Michèle Bustamante 的一篇鼓舞人心的文章:http://www.devproconnections.com/article/federated-security/generate-saml-tokens-using-windows-identity-foundation 她积极推动 WIF + SAML 2.0，但在文章中没有提及 CTP 或最终版本.我也无法联系她进行澄清.

I came across an inspiring article by Michèle Bustamante: http://www.devproconnections.com/article/federated-security/generate-saml-tokens-using-windows-identity-foundation She actively promotes WIF + SAML 2.0, but nowhere in the article she talks about CTP or final release. Neither could I reach her for a clarification.

在此背景下，使用 SAML 2.0 的 WIF 社区技术预览版还是坚持使用 SAML 1.1 安全吗?SAML 2.0 是否比 SAML 1.1 具有显着优势?SAML 1.1 的未来是否存在问题?

With this background, is it safe to use WIF Community Technology Preview for SAML 2.0 or stick with SAML 1.1? Does SAML 2.0 offer significant advantage over SAML 1.1? Is the future of SAML 1.1 in question?

还有其他选择吗?

推荐答案

您应该澄清您是在谈论 SAML 2.0 协议(例如 SAMLP)还是仅谈论令牌类型.WIF RTM 支持 SAML 2.0 令牌，但不支持 SAMLP.

You should clarify whether you're talking about SAML 2.0 protocol (e.g SAMLP) or just the token type. WIF RTM supports SAML 2.0 tokens, but not SAMLP.

因此，如果您只需要 SAML 2.0 令牌支持，WIF RTM 就足够了，尽管 WIF 扩展 CTP 确实添加了一些 SAMLP 支持.

So if it's just SAML 2.0 token support you need, WIF RTM is sufficient, though WIF extensions CTP does add some SAMLP support.

如果您正在寻找 SAMLP 解决方案并且您是一家 Microsoft 商店，那么您应该考虑 ADFS 2.0.

If you're looking for a SAMLP solution and you're a Microsoft shop then you should consider ADFS 2.0.

ADFS 2.0 将执行协议转换":它将与身份提供者和 WS-Federation 与您的应用程序进行 SAMLP(均使用 SAML令牌").WIF 支持 WS-Federation.

ADFS 2.0 would do "protocol transition": it will talk SAMLP with the Identity Provider and WS-Federation with your app (both use SAML "Tokens"). WIF supports WS-Federation.

这篇关于Windows Identity Foundation 不正式支持 SAML 2.0；使用 WIF CTP 还是坚持使用 SAML 1.1?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！