I'm trying to allow all users in the Administrators group access through WCF. internal sealed class AuthorizationManager : ServiceAuthorizationManager { public override bool CheckAccess(OperationContext operationContext) { base.CheckAccess(operationContext); ReadOnlyCollection<ClaimSet> claimSets = operationContext.Se...
I have heard from some of the microsoft connect blogs that Geneva Server works with AD/LDAP as identity providers. If I have to configure my own custom attribute store in SQL server, with these users not being in AD groups would that be possible.from the blogs what I have seen is that Genevea Server is tightly coupled with AD and if I ha...
Yesterday it was announed that WIF - Windows Identity Foundation SDK RC was released in public domain. I tried installing the msu file from MSDN on my PC which has Home Premium edition of Vista and it failed? Microsoft mentions that Vista is supported but does not mention any versions of Vista on the site...Does anyone have similar probl...
I am playing with windows identity foundation and I am trying to create an MVC.NET based Security Token Service and use it as the Single Sign On application. My only problem is that I don't know how to generate the federationmetadata.xml file. Is there any tool to generate this file manually? ...
Because I'm awesome I'm trying to run the latest WIF demo app using VS2k10 B2 on my 7 boxen... 64bit of course (my neckbeard is strong) I'm having a problem getting it running. Part of the whole demo thing requires I install some certificates on the local machine. Problem is that they ask me to install some of the website certs into a ...
I'm trying to get my head around all the claims based windows identity foundation magic. Assuming I don't want to use ADFS, one thing that isn't clear to me is whether its best to roll your own STS using WIF to do some of the hard work or to rely on a third party. And if it is the third party option - what third party STS's are there ...
hi there: I wonder what are the best practises in a client app ( winforms/ console/ whatever else) regarding consuming WCF that is Authorized and authenticated using WIF (used to be called geneva). Also at a service level, is it possible to cache the token so the the trip to the STS is not necesary for every WCF operation? ( more info ...
Hi there Maybe this question highlights how little I know about claims identity management, but here it goes. If using WIF within an application that uses a third party STS for Identity and that uses custom claims for authorization ( something pertinent and specificto the application like CanCreateFooBar ) 1) How do I manage the users...
I have a per-call WCF service that's being hosted in IIS (.svc). In the service's constructor, I set Thread.CurrentPrincipal = HttpContext.Current.User as per this article. In this case HttpContext.Current.User is of type Microsoft.IdentityModel.Claims.ClaimsPrincipal and has the claims that were sent back from my custom passive STS. Ho...
My supervisor at the office tells me that he saw a demonstration with a pre-release version of Microsoft "Geneva" (now Windows Identity Foundation) where a developer did the following: He set up some sort of ASP.net web application where a user could log in using a customized log-on system. Behind the scenes, the web application logs ...
Ok so I ve step up a very simple asp.net and wcf service to use and STS for authentication, however, I wonder how can i achieve the same if configuringing it programatically. I know I need to have certain information in web.config , I can also seee that from my client I have access to the namespace Microsoft.Identity.Configuration names...
I've been looking around for some beginning tutorials on implementing Windows Identity Foundation in an application, but cannot seem to find much. Anybody know any good tutorials for a beginner in this area? Also can one implement it in a standalone application, not connected to the internet? ...
I'm currently trying to do some tutorials on the Windows Identity Foundation, however, I cannot run the sample provided. It says "Unable to start debugging on the web server, the underlying connection was closed" I think it is because my machine runs Vista Home Premium, that does not support Windows Authentication for IIS 7.0. Can s...
Hi all, I've had a very brief look at Windows Identity Foundation (WIF) and it looks to me like I could say that my site is going to accept logins from other sites. e.g. anyone with a gmail or LiveID account will be able to post comments on a thread in my application. When the post comment button is clicked the user is redirected to a pr...
I downloaded the "Developer Training Kit" for Windows Identity Foundation and installed it on a newly set up Windows Server 2008 R2 virtual machine. When I open up the example solutions and press F5 to run them, I get the following error: "Unable to start debugging on the web server. The underlying connection was closed: An unexpected...
Hi gang, Using OpenSSO as an identity provider, what should I do (i.e. with FedUtil.exe) to configure my .NET relying party so that it will do the STS dance? I've gotten OpenSSO's WS-Trust client samples running, so I think OSSO's in a good state and ready for the next step. I'm at the FedUtil.exe's "Use an existing STS" wall. Where ...
I am looking at ways to tie together a number of Windows-based web services together under single-sign-on. Microsoft's Windows Identity Framework and ADFS 2.0 are the perfect tools for the job, except that not all of our web services are written in .NET. One is classic ASP and another PHP. Are there existing libraries that will work for ...
I am working on the very first project at my office where we will be using "Windows Identity Foundation" with Claims-Based-Authorization. To this end, Microsoft .net provides the ClaimsAuthorizationManager abstract class. In order to use this class, you override two methods: the constructor and CheckAccess(context as ClaimsAuthorizatio...
I'm writing an ASP.net application that uses Windows Identity Foundation. My ASP.net application uses claims-based authentication with passive redirection to a security token service. This means that when a user accesses the application, they are automatically redirected to the Security Token Service where they receive a security token...
Hi, I know this question must have been discussed million times in your organization. One more go. Designing a LOB application which has its business operations exposed as services. These services would be accessed by our own web application(ASP.Net MVC), smart desktop clients, mobile clients, as well as, our partners via either thei...