tag:blogger.com,1999:blog-8263949408347549596.post5035359594374946202..comments2023-10-23T23:19:01.111+02:00Comments on Object-Oriented Software Development: ADFS 2.0 – MSIS7012/MSIS3127 when accepting claims from a custom claims providerWiktor Zychlahttp://www.blogger.com/profile/04420514974154487039noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-8263949408347549596.post-36395550789005890532011-10-27T20:22:00.576+02:002011-10-27T20:22:00.576+02:00Henrik,
the other probable cause is that your ADF...Henrik,<br /><br />the other probable cause is that your ADFS has wrong signing certificate of your custom STS - there's a match between identifiers but certificate's thumbprint does not match. The best way to maintain the correspondence is to publish the dynamic metadata on your custom STS and update the federation on the ADFS, following my tutorial http://netpl.blogspot.com/2011/09/quest-for-customizing-adfs-sign-in-web_12.html. I hope this helps.<br /><br />Regards,<br />WiktorWiktor Zychlahttps://www.blogger.com/profile/04420514974154487039noreply@blogger.comtag:blogger.com,1999:blog-8263949408347549596.post-71856735691843249622011-10-27T15:52:29.196+02:002011-10-27T15:52:29.196+02:00Hello Wiktor
Thank you for you blog post.
We exp...Hello Wiktor<br /><br />Thank you for you blog post.<br /><br />We experience the error you describe, although the ADFS claims provider identifier matches the entityID in the metadata from the custom STS. To top this off, the lcaims provider identifier also matches the issuername received in the SAML tokens from the STS.<br /><br />Do you by chance have any supplementing input, which may resolve the issue?<br /><br />Any help is greatly appreciated.<br /><br />Best Regards<br /><br />Henrik VoldbyHenrik Voldbyhttps://www.blogger.com/profile/11722126065089075843noreply@blogger.com