wif

How can I get the WindowsIdentity or WindowsPrincipal of a WCF Claim / SecurityIdentifier (SID)?

I'm trying to allow all users in the Administrators group access through WCF. internal sealed class AuthorizationManager : ServiceAuthorizationManager { public override bool CheckAccess(OperationContext operationContext) { base.CheckAccess(operationContext); ReadOnlyCollection<ClaimSet> claimSets = operationContext.Se...

Geneva Server And SQL Store

I have heard from some of the Microsoft Connect blogs that Geneva Server works with AD/LDAP as identity providers. If I have to configure my own custom attribute store in SQL Server, with these users not being in AD groups, would that be possible? From the blogs, what I have seen is that Geneva Server is tightly coupled with AD and if I ha...

Windows Identity Foundation redistributable failed on Vista Home Premium edition

Yesterday it was announced that WIF - Windows Identity Foundation SDK RC was released in public domain. I tried installing the msu file from MSDN on my PC which has Home Premium edition of Vista and it failed? Microsoft mentions that Vista is supported but does not mention any versions of Vista on the site... Does anyone have similar probl...

WIF manually generate federationmetadata.xml

I am playing with Windows Identity Foundation and I am trying to create an MVC.NET based Security Token Service and use it as the Single Sign On application. My only problem is that I don't know how to generate the federationmetadata.xml file. Is there any tool to generate this file manually? ...

Where did 'My' certificate store go?

Because I'm awesome I'm trying to run the latest WIF demo app using VS2k10 B2 on my 7 boxen... 64bit of course (my neckbeard is strong) I'm having a problem getting it running. Part of the whole demo thing requires I install some certificates on the local machine. Problem is that they ask me to install some of the website certs into a ...

Windows Identity Foundation - Third Party Secure Token Server

I'm trying to get my head around all the claims based Windows Identity Foundation magic. Assuming I don't want to use ADFS, one thing that isn't clear to me is whether it's best to roll your own STS using WIF to do some of the hard work or to rely on a third party. And if it is the third party option - what third party STS's are there ...

Handling credentials in an app consuming a WCF service with WIF/Geneva

Hi there: I wonder what are the best practices in a client app (winforms / console / whatever else) regarding consuming WCF that is authorized and authenticated using WIF (used to be called Geneva). Also at a service level, is it possible to cache the token so that the trip to the STS is not necessary for every WCF operation? (more info ...

Custom Claims with Geneva framework and how to "synch" users within your app

Hi there. Maybe this question highlights how little I know about claims identity management, but here it goes. If using WIF within an application that uses a third party STS for Identity and that uses custom claims for authorization (something pertinent and specific to the application like CanCreateFooBar) 1) How do I manage the users...

ASP.Net WCF service's Thread.CurrentPrincipal is being thrown away by some interceptor in a Federated (WIF) environment

I have a per-call WCF service that's being hosted in IIS (.svc). In the service's constructor, I set Thread.CurrentPrincipal = HttpContext.Current.User as per this article. In this case HttpContext.Current.User is of type Microsoft.IdentityModel.Claims.ClaimsPrincipal and has the claims that were sent back from my custom passive STS. Ho...

Using Windows Identity Foundation to log someone in to an ASP.net application

My supervisor at the office tells me that he saw a demonstration with a pre-release version of Microsoft "Geneva" (now Windows Identity Foundation) where a developer did the following: He set up some sort of ASP.net web application where a user could log in using a customized log-on system. Behind the scenes, the web application logs ...

Programmatically configure Web App and WCF to use an STS (WIF)

OK, so I've set up a very simple ASP.NET and WCF service to use an STS for authentication; however, I wonder how I can achieve the same if configuring it programmatically. I know I need to have certain information in web.config, I can also see that from my client I have access to the namespace Microsoft.Identity.Configuration names...

Windows Identity Foundation tutorials?

I've been looking around for some beginning tutorials on implementing Windows Identity Foundation in an application, but cannot seem to find much. Anybody know any good tutorials for a beginner in this area? Also can one implement it in a standalone application, not connected to the internet? ...

Windows Identity Foundation needs IIS 7 Windows Authentication

I'm currently trying to do some tutorials on the Windows Identity Foundation, however, I cannot run the sample provided. It says "Unable to start debugging on the web server, the underlying connection was closed" I think it is because my machine runs Vista Home Premium, that does not support Windows Authentication for IIS 7.0. Can s...

Finding STS providers for Windows Identity Foundation

Hi all, I've had a very brief look at Windows Identity Foundation (WIF) and it looks to me like I could say that my site is going to accept logins from other sites. e.g. anyone with a gmail or LiveID account will be able to post comments on a thread in my application. When the post comment button is clicked the user is redirected to a pr...

Getting Windows Identity Foundation "Developer Training Kit" examples to work

I downloaded the "Developer Training Kit" for Windows Identity Foundation and installed it on a newly set up Windows Server 2008 R2 virtual machine. When I open up the example solutions and press F5 to run them, I get the following error: "Unable to start debugging on the web server. The underlying connection was closed: An unexpected...

Getting WIF to work with OpenSSO as STS

Hi gang, Using OpenSSO as an identity provider, what should I do (i.e. with FedUtil.exe) to configure my .NET relying party so that it will do the STS dance? I've gotten OpenSSO's WS-Trust client samples running, so I think OSSO's in a good state and ready for the next step. I'm at the FedUtil.exe's "Use an existing STS" wall. Where ...

Using ADFS 2.0 with non-.NET services

I am looking at ways to tie together a number of Windows-based web services together under single-sign-on. Microsoft's Windows Identity Framework and ADFS 2.0 are the perfect tools for the job, except that not all of our web services are written in .NET. One is classic ASP and another PHP. Are there existing libraries that will work for ...

What are good ways to architect a custom "ClaimsAuthorizationManager" Windows Identity Foundation class?

I am working on the very first project at my office where we will be using "Windows Identity Foundation" with Claims-Based-Authorization. To this end, Microsoft .net provides the ClaimsAuthorizationManager abstract class. In order to use this class, you override two methods: the constructor and CheckAccess(context as ClaimsAuthorizatio...

Windows Identity Foundation: How to get new security token in ASP.net

I'm writing an ASP.net application that uses Windows Identity Foundation. My ASP.net application uses claims-based authentication with passive redirection to a security token service. This means that when a user accesses the application, they are automatically redirected to the Security Token Service where they receive a security token...

Authentication and Authorization scheme for an application exposed as WCF Service Layer?

Hi, I know this question must have been discussed million times in your organization. One more go. Designing a LOB application which has its business operations exposed as services. These services would be accessed by our own web application(ASP.Net MVC), smart desktop clients, mobile clients, as well as, our partners via either thei...