Windows Identity Foundation 无法接受从 WSO2 的 WS-Trust 请求的 SAML2 令牌(请参阅异常)。是否可以更改令牌或是否有解决此问题的已知解决方案?
System.Xml.XmlException: Cannot read KeyIdentifierClause from element 'Reference' with namespace 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'. Custom KeyIdentifierClauses require custom SecurityTokenSerializers, please refer to the SDK for examples.
at System.IdentityModel.Tokens.WSSecurityJan2004.SecurityTokenReferenceJan2004ClauseEntry.ReadKeyIdentifierClauseCore(XmlDictionaryReader reader)
at System.IdentityModel.Tokens.KeyInfoSerializer.ReadKeyIdentifierClauseCore(XmlReader reader)
at System.IdentityModel.Tokens.SecurityTokenHandlerCollection.ReadKeyIdentifierClauseCore(XmlReader reader)
at System.IdentityModel.Protocols.WSTrust.WSTrustSerializationHelper.ReadRSTRXml(XmlReader reader, RequestSecurityTokenResponse rstr, WSTrustSerializationContext context, WSTrustConstantsAdapter trustConstants)
at System.IdentityModel.Protocols.WSTrust.WSTrust13ResponseSerializer.ReadXml(XmlReader reader, WSTrustSerializationContext context)
at System.IdentityModel.Services.WSFederationSerializer.CreateResponse(FederationMessage message, WSTrustSerializationContext context)
at System.IdentityModel.Services.WSFederationAuthenticationModule.GetXmlTokenFromMessage(SignInResponseMessage message, WSFederationSerializer federationSerializer)
at System.IdentityModel.Services.WSFederationAuthenticationModule.GetSecurityToken(SignInResponseMessage message)
at System.IdentityModel.Services.WSFederationAuthenticationModule.SignInWithResponseMessage(HttpRequestBase request)
at System.IdentityModel.Services.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)