Hi,
I am noticing a strange difference between my ADFS and my customer's. I am receiving a SAML 2.0 bearer assertion via WS-Trust and a .NET client making use of WIF. In my ADFS I get the recipient. My customer is using the same code, but in theirs there's no recipient. The configuration is the same as far as I could see.
When does ADFS put a recipient into the assertion?
Mine
<Subject>
  <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">Bob</NameID>
  <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <SubjectConfirmationData NotOnOrAfter="2014-01-30T16:40:21.776Z"/>
  </SubjectConfirmation>
</Subject>
The customer's subject
<Subject>
  <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">ATES</NameID>
  <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <SubjectConfirmationData NotOnOrAfter="2014-01-16T14:38:31.650Z" Recipient="https://host/url/url" />
  </SubjectConfirmation>
</Subject>
Regards,
Mathias
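
Added example, not part of the original post: a relying-party-side check in Python of the bearer SubjectConfirmationData from the two subjects above, reporting a missing or mismatched Recipient and an expired NotOnOrAfter. The wrapping Assertion element, the function names and the expected recipient value are constructed for illustration, and the assertion's signature is assumed to have been validated already.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"

def _assertion(data_attrs):
    # Constructed wrapper around the <Subject> shape shown in the post.
    return ('<Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion"><Subject>'
            '<NameID>Bob</NameID>'
            f'<SubjectConfirmation Method="{BEARER}">'
            f'<SubjectConfirmationData {data_attrs}/>'
            '</SubjectConfirmation></Subject></Assertion>')

NO_RECIPIENT = _assertion('NotOnOrAfter="2014-01-30T16:40:21.776Z"')
WITH_RECIPIENT = _assertion('NotOnOrAfter="2014-01-16T14:38:31.650Z" '
                            'Recipient="https://host/url/url"')

def parse_instant(value):
    # SAML instants are UTC xs:dateTime values ending in "Z".
    fmt = "%Y-%m-%dT%H:%M:%S.%fZ" if "." in value else "%Y-%m-%dT%H:%M:%SZ"
    return datetime.strptime(value, fmt).replace(tzinfo=timezone.utc)

def check_bearer(assertion_xml, expected_recipient, now):
    """Return a list of findings; an empty list means the confirmation is acceptable."""
    # Assumption: input is already signature-checked and parsed with a hardened parser.
    root = ET.fromstring(assertion_xml)
    confirmations = [c for c in root.findall("saml:Subject/saml:SubjectConfirmation", NS)
                     if c.get("Method") == BEARER]
    if not confirmations:
        return ["no bearer SubjectConfirmation"]
    findings = []
    for conf in confirmations:
        data = conf.find("saml:SubjectConfirmationData", NS)
        if data is None:
            findings.append("bearer confirmation without SubjectConfirmationData")
            continue
        recipient = data.get("Recipient")
        if recipient is None:
            findings.append("Recipient missing: assertion is not bound to an endpoint")
        elif recipient != expected_recipient:
            findings.append(f"Recipient mismatch: {recipient}")
        expiry = data.get("NotOnOrAfter")
        if expiry is None:
            findings.append("NotOnOrAfter missing")
        elif now >= parse_instant(expiry):
            findings.append("confirmation expired")
    return findings
```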