geneva-framework

Implementing Claims-Based Security (WCF/Asp.NET)

After researching on the topic of Claims-Based Security (or a Federated Security Model). I've been coming across many examples that use Cardspace as an example. The main article that I read that gave a really great explanation of the subject was a PDF by Microsoft on a framework called Zermatt. The claims-based security architecture I'...

Creating a local Token cache using the Geneva Framework

Haven't seen many Geneva related questions yet, I have posted this question in the Geneva Forum as well... I'm working on a scenario where we have a win forms app with a wide installbase, which will be issuing frequent calls to various services hosted by us centrally throughout it's operation. The services are all using the Geneva Fram...

Specifying Required / Optional Claim Types in the Relying Party for a Passive STS

I have an asp.net application (relying party) that uses a passive STS for authentication and retrieval of claim values. The relying party is using the FederatedAuthenticationModule (FAM) to enable a passive redirect to the sts. I found documentation on how to specify required claims when using InformationCards, but have yet to find det...

Moving from ADFS to the Geneva Framework

My company is in need of a federated identity solution, and being a Microsoft shop, we're looking to use MS technologies to accomplish this goal. We don't have Server 2008 or .NET 3.5 in production, so we're limited to a .NET 2.0/Server 2003-based solution. This means (in terms of a federated identity solution), Active Directory Federa...

Talking to a Microsoft Geneva server from Java

Has anyone tried to interact with a Microsoft Geneva Server from Java? Can it be done easily, using some combination of generally available libraries? If so: What are the important Java libraries/frameworks to look into? ...

Simple Claims Transformation for an RP-STS in Geneva Framework

Hi After reading the MSDN article (http://msdn.microsoft.com/en-us/magazine/2009.01.genevests.aspx) on implementing a Custom STS using the Microsoft Geneva Framework I am a bit puzzled about one of the scenarios covered there. This scenario is shown in figure 13 of the above referenced article. My questions are around how does the RP i...

Trends in Externalizing Identity from Applications

Stackoverlow decided to use OpenID probably due to its simplicity while others believe that Information Cards (e.g. cardspace) is a better strategy in that it is backed by major industry vendors and is known to be more secure. Are there libraries that a developer can drop into a Java web application that will easily support both? ...

Alternative to Geneva Framework

Are there any alternatives to Microsoft Geneva Framework (preferably open source). We have planed to use it in production environment, but it looks like that Microsoft has license that doesn't allow that while the Geneva Framework is in beta. ...

Geneva-based STS, Java interop

I'd like to test whether my Geneva-based fedearated security services can be consumed with NetBeans/WSIT. Is there something like step-by-step guide? Server side uses 'message credentials over HTTPS' security mode while all the examples I've seen rely on message-level encryption and focus on consuming .net STS from Java RP-service. ...

automatic "Geneva" sitemap?

Is there a way to generate a sitemap from claims and all the PrincipalPermissionAttribute(s) from my WCF service? idea behind this is to have always a current sitemap derived from the user claims and Permissions. what im trying achieve: the generated sitemap should be used in an asp.net web app as regular sitemap with roles and so on. o...

Minimum operating system requirement for Geneva server?

List of minimum operating system requirement for Geneva server? ...

Geneva Server STS

My requirement is the claims assigned to a user are company aware so say for example User 1: is publisher for Product Manager for Company 1 but the same user is only editor for Company B. Can this be achieved through Geneva Server, or additional code needs to be written to override classes. ...

Geneva Framework - Modify STS Reference option not visible after visual studio Reinstall

I am working on few POCs with Geneva Framework and trying some labs from Identity Training Kit. Everything was working fine until I have repaired my Visual Studio. I am running VSTS - 2008 and there were issues with test projects, which forced me to reinstall the visual studio. After ReInstallation, Modify STS Reference option is missing...

Geneva Framework licensing cost

Is the framework once released as per microsoft later in the year 2009, going to br free or any licensing cost associated with its usage? Any insider information at this stage would greatly be appreciated ...

Using SQL Account Store in Geneva

Geneva has me pretty hot and bothered as a potential to solve complicated auth and SSO issues that have been presented to us by our customers. I understand that Geneva supports custom and SQL-based attribute stores. However, I need support for custom and SQL-based account stores. Unfortunately, I can't find any solid confirmation or de...

Windows Identiy foundation redistributable failed on Vista Home Premium edition

Yesterday it was announed that WIF - Windows Identity Foundation SDK RC was released in public domain. I tried installing the msu file from MSDN on my PC which has Home Premium edition of Vista and it failed? Microsoft mentions that Vista is supported but does not mention any versions of Vista on the site...Does anyone have similar probl...

Windows Identity Foundation - Third Party Secure Token Server

I'm trying to get my head around all the claims based windows identity foundation magic. Assuming I don't want to use ADFS, one thing that isn't clear to me is whether its best to roll your own STS using WIF to do some of the hard work or to rely on a third party. And if it is the third party option - what third party STS's are there ...

Handling credentials in an app consuming a WCF service with WIF/Geneva

hi there: I wonder what are the best practises in a client app ( winforms/ console/ whatever else) regarding consuming WCF that is Authorized and authenticated using WIF (used to be called geneva). Also at a service level, is it possible to cache the token so the the trip to the STS is not necesary for every WCF operation? ( more info ...

Custom Claims with Geneva framework and how to "synch" users whitin your app

Hi there Maybe this question highlights how little I know about claims identity management, but here it goes. If using WIF within an application that uses a third party STS for Identity and that uses custom claims for authorization ( something pertinent and specificto the application like CanCreateFooBar ) 1) How do I manage the users...

Programatically configure Web App and WCF to use an STS (WIF)

Ok so I ve step up a very simple asp.net and wcf service to use and STS for authentication, however, I wonder how can i achieve the same if configuringing it programatically. I know I need to have certain information in web.config , I can also seee that from my client I have access to the namespace Microsoft.Identity.Configuration names...