Hi,
From my middleware coponent that supports Claims based authentication I need to consume a WCF service hosted on Sharepoint 2010 with a kerberos respectively a SPNego authentication.
>>Claims>> Middleware >>Kerberos/SPNEGO>> WCF Service on Sharepoint 2010
My plan is to develop a Routing WCF service which will be hosted on the Middleware component. This service will evaluate the claims and call the WIF ClaimsToWindowsToken service in order to impersonate the windows user.
>>Claims>> WCF Routing Service on Middleware >>>> WIF ClaimsToWindowsToken >>Kerberos/SPNEGO>> WCF Service on Sharepoint 2010
The routing Web Service should run under a user which is allowed for delegation. After the impersonation the WCF Service on Sharepoint 2010 will be called via Windows Integrated Authentication.
I assume that the Routing Service is now able to get a kerberos token for the impersonated user. So at the Sharepoint side the user should be authenticated correctly.
Is my assumption correct?
thx
Esse