此联合命名空间不允许直接登录到WLID

本文介绍了此联合命名空间不允许直接登录到WLID的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！问题描述 29岁程序员，3月因学历无情被辞！我们有第三方应用程序从Microsoft在线安全令牌服务（STS）检索访问令牌，但得到"此联合命名空间不允许直接登录到WLID"。错误。使用相同的用户名（< user> @ abc.com）并登录Office 365门户（https://login.microsoftonline.com/），用户可以成功登录。什么似乎是问题？ Microsoft在线安全令牌服务（STS）： https://login.microsoftonline.com/extSTS.srf SAML： <？xml version =" 1.0" encoding =" UTF-8"？> < s：Envelope xmlns：s =" http：//www.w3.org/2003/05/soap-envelope"的xmlns：A =" HTTP：//www.w3.org/2005/08/addressing" xmlns：u =" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> &NBSP; < s：Header> < a：行动s：mustUnderstand =" 1"> http：//schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue< / a：行动> &NBSP;&NBSP;&NBSP;&NBSP;&NBSP; < a：回复>& < a：地址> http：//www.w3.org/2005/08/addressing/anonymous< / a：地址> < / a：ReplyTo> < a：至s：mustUnderstand =" 1"> https：//login.microsoftonline.com/extSTS.srf< / a：To> &NBSP; < o：安全xmlns：o =" http：//docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s：mustUnderstand =" 1"> < o：UsernameToken> < o：用户名> < user> @ abc.com < / o：用户名> &NBSP;&NBSP;&NBSP;&NBSP; < o：密码> < password123> < / o：密码> < / o：UsernameToken> < / o：安全> < / s：标题> < s：正文> < t：RequestSecurityToken xmlns：t =" http：//schemas.xmlsoap.org/ws/2005/02/trust"> ;&NBSP;&NBSP; < wsp：AppliesTo xmlns：wsp =" http：//schemas.xmlsoap.org/ws/2004/09/policy"> ;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP; < a：EndpointReference> < a：地址> https://abc-my.sharepoint.com/personal/<user> < / a：地址> &NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP; < / a：EndpointReference> < / wsp：AppliesTo> < t：KeyType> http：//schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey< / t：KeyType> ;&NBSP;&NBSP; < t：RequestType> http：//schemas.xmlsoap.org/ws/2005/02/trust/Issue< / t：RequestType> ;&NBSP;&NBSP; < t：TokenType> urn：oasis：names：tc：SAML：1.0：assertion< / t：TokenType> < / t：RequestSecurityToken> < / s：正文> < / s：信封> 解决方案 We have 3rd party application that retrieves access token from Microsoft Online Security Token Service (STS) but got "Direct login to WLID is not allowed for this federated namespace" error.Using the same username(<user>@abc.com) and logging in on Office 365 portal(https://login.microsoftonline.com/), the user can log in successfully. What seems to be the problem? Microsoft Online Security Token Service (STS):https://login.microsoftonline.com/extSTS.srfSAML:<?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <s:Header> <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action> <a:ReplyTo> <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address> </a:ReplyTo> <a:To s:mustUnderstand="1">https://login.microsoftonline.com/extSTS.srf</a:To> <o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1"> <o:UsernameToken> <o:Username><user>@abc.com</o:Username> <o:Password><password123></o:Password> </o:UsernameToken> </o:Security> </s:Header> <s:Body> <t:RequestSecurityToken xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"> <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> <a:EndpointReference> <a:Address>https://abc-my.sharepoint.com/personal/<user></a:Address> </a:EndpointReference> </wsp:AppliesTo> <t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType> <t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType> <t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType> </t:RequestSecurityToken> </s:Body></s:Envelope> 解决方案这篇关于此联合命名空间不允许直接登录到WLID的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！上岸，阿里云！