Is it possible to style the Windows Identity Foundation postback page?

Is it possible to style the Windows Identity Foundation post开发者_StackOverflow中文版back page?

This is the page that comes across as blank after you successfully login and the url is similar to https://sts.address.com/?wa=wsignin1.0&wtrealm=https....

I read the following article, http://www.paraesthesia.com/archive/2011/01/31.aspx, which led me to using dotPeek on the Microsoft.IdentityModel assembly. Which shows me that all the ProcessSignInResponse message does, is the following:

 public static void ProcessSignInResponse(SignInResponseMessage signInResponseMessage, HttpResponse httpResponse)
    {
      if (signInResponseMessage == null)
        throw DiagnosticUtil.ExceptionUtil.ThrowHelperArgumentNull("signInResponseMessage");
      else if (httpResponse == null)
      {
        throw DiagnosticUtil.ExceptionUtil.ThrowHelperArgumentNull("httpResponse");
      }
      else
      {
        signInResponseMessage.Write(httpResponse.Output);
        httpResponse.Flush();
        httpResponse.End();
      }
    }

The signInResponseMessage.Write method does the following:

public override void Write(TextWriter writer)
    {
      if (writer == null)
      {
        throw DiagnosticUtil.ExceptionUtil.ThrowHelperArgumentNull("writer");
      }
      else
      {
        this.Validate();
        writer.Write(this.WriteFormPost());
      }
    }

As you can see, in essence, all that is performed, is to write the content of WriteFormPost to the response stream.

So I am, as we speak, changing my "ProcessSignIn" method to return the HTML to be output, instead of calling FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse.

So, I have changed my method essentially from this:

public static void ProcessSignIn(SignInRequestMessage signInRequest, HttpResponse httpResponse) 
    {
    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponseMessage, httpResponse);
    }

To:

public static string ProcessSignIn(SignInRequestMessage signInRequest) 
    {
    return signInResponseMessage.WriteFormPost();
    }

Of course, the SignInResponseMessage should have provided a cleaner method of returning just the "main" content of what you want to write to your form post, but getting the HTML form as a string at least makes it easier to modify the result before returning it to the client with Response.Write(result).

I don't know if this is a documented feature, but I will suggest the following as a jumping-off point:

If your code looks anything at all like mine, you have a line of code that looks like:

FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(responseMessage, HttpContext.Current.Response)

The second parameter to ProcesssignInResponse is an HttpResponse object. I tried, unsuccessfully, to find an answer to your question, by trying to pass in a custom HttpResponse message in order to capture the output so we can manipulate it however you like:

Dim myStringbuilder As New StringBuilder
Dim myStringWriter As New IO.StringWriter(myStringbuilder)
Dim myResponse As New Web.HttpResponse(myStringWriter)

If you pass in myResponse to ProcessSignInResponse, the following exception is thrown:

System.NullReferenceException: Object reference not set to an instance of an object. at System.Web.HttpResponse.End() at Microsoft.IdentityModel.Web.FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(SignInResponseMessage signInResponseMessage, HttpResponse httpResponse) at Logon_App.LCLoginBase.issueTokenAndRedirect(logonParamsStruct& logonParams) in C:\Logon App\Logon App\Code\LCLogin\LCLoginBase.vb:line xxx