首先引用System.IdentityModel和System.IdentityModel.Service這兩個元件[![](http://1.bp.blogspot.com/-JeEQBHGiBCA/Uy-gIfqaWrI/AAAAAAAABHg/CKFEhn8Di6I/s1600/01.add+component.png)](http://1.bp.blogspot.com/-JeEQBHGiBCA/Uy-gIfqaWrI/AAAAAAAABHg/CKFEhn8Di6I/s1600/01.add+component.png) 再來到web.config加入幾個設定 先加入這兩個元件的configSection
<configSections> <section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> <section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> </configSections> 再來在System.Web區段中,把網站的驗證模組設定None和不允許匿名登入 <system.web> <authentication mode="None" /> <authorization> <deny users="?" /> </authorization> <compilation debug="true" targetFramework="4.5"/> <httpRuntime targetFramework="4.5"/> </system.web> 再來在System.webServer區段中,啟用兩個HttpModule <system.webServer> <modules> <add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" /> <add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" /> </modules> </system.webServer> 最後加入WIF的設定 <system.identityModel> <identityConfiguration> <audienceUris> <add value="http://localhost:12345/" /> </audienceUris> <securityTokenHandlers> <add type="