Configuring SAML Assertion Subject Name and Format for a WIF STS

In some interop scenarios, subject name and its format needs to be included in the Saml token/assertion generated by the STS. You can easily configure a WIF based STS to generate this by adding a NameIdentifier claim and by settings it’s format property.


protected override IClaimsIdentity GetOutputClaimsIdentity(IClaimsPrincipal principal,


RequestSecurityToken request, Scope scope)


{


var nameIdentifierClaim = new Claim(ClaimTypes.NameIdentifier, "me@zamd.com");


nameIdentifierClaim.Properties[ClaimProperties.SamlNameIdentifierFormat] = "EMAIL";





More Here



return new ClaimsIdentity(


new Claim[]


{


new Claim(System.IdentityModel.Claims.ClaimTypes.Name, "Zulfiqar"),


nameIdentifierClaim


});






This generates following Saml Assertion where you can see the generated NameIdentifier & format attribute.








me@zamd.com





urn:oasis:names:tc:SAML:1.0:cm:bearer











Zulfiqar