wif

WIF (Windows Identity Foundation) with SAML 2.0

First some background: We were recently tasked to send a SAML 2.0 assertion to the server that we are communicating with. We are using WCF for our client. The server is not using WCF. The guys who implement the server don't have an STS that will issue a SAML assertion. We are trying to use WIF framework because it supports SAML 2.0 tok...

How can I generate a SAML Security Token within the same application that consumes it?

I've been configuring some of my applications to use the Windows Identity Foundation. I use the passive redirection to get security tokens from a Security Token Service. I accomplished this by inserting WIF code into a logon web site that existed before I started using WIF and then using the "Add STS Reference" within the applications....

WCF routing service + WIF security + SL = grief

Scenario: I've got a web app that hosts a Silverlight app. Silverlight is using the web app to call WCF services. I also have WIF for federated authentication in the mix, so the first thing the web app does is it redirects you to the STS to log in. Once you log in successfully you get a token that is wrapped in an HTTP cookie and sent to...

Strange error with WIF RTM, occurs after reset IIS

I am hosting my web application on Windows Server 2008 with IIS 7.5. I have 2 web applications: 1. the first one is the core SSO (Single Sign-on) service with a login page. 2. another web application is hosted on the same web server which uses the first app for SSO. I am using the WIF RTM to implement the SSO, usually, it is runn...

Shared Authentication between SAAS/Cloud web application and Desktop application

A simple scenario: Let's say we have a Web Application up in the cloud that lets users sign up using OpenID. (I'm open to using Windows Live ID as an alternative.) They can log in and update some meta data, for example what their favorite color is. If I now want to get this information from a desktop client, how do I do that? I will probably ...

SSO using WIF on UNIX/Mono

We have implemented SSO in a .NET web application using Windows Identity Foundation (WIF). It works great. However, we have to run it on a UNIX system using Mono. Is that possible? ...

WIF using SAML 2 protocol / Federate AD FS 2.0 with CAS

I am trying to implement a Web SSO with claim based identity using WIF and AD FS 2.0 right now. Right now I have an existing ASP.NET application which delegates authentication to the AD FS 2.0 server and trusts issued security tokens. That works just fine. However, in the organization there is an existing JA-SIG Central Authenticati...

wsFederationHttpBinding over net.tcp

I have services that use net.tcp bindings (both streaming and buffered endpoints.) I'd like to add WIF federated security to those services, while continuing to use net.tcp bindings. I've tried to create custom bindings, but so far have been unsuccessful. Below is the general architecture that I'm attempting. I'm looking for the correct ...

How to convert SAML XML token string to either SecurityToken or ClaimsPrincipal instance?

My context: .Net RESTful web service Client (mixed platforms, technologies, lib capabilities) has obtained a SAML token Trying to accept the token for authentication/authorization in the REST service in HTTP Authorization / X-Authorization header as query parameter Will also support SWT later, but need to get SAML tokens going Deta...

Video tutorials for Windows Identity Foundation

Is there a series of webcasts for Windows Identity Foundation? I don't seem to find any that talk about WIF in depth. ...

ASP.NET MVC 2 and authentication using WIF (Windows Identity Foundation)

Are there any decent examples of the following available: Looking through the WIF SDK, there are examples of using WIF in conjunction with ASP.NET using the WSFederationAuthenticationModule (FAM) to redirect to an ASP.NET site thin skin on top of a Security Token Service (STS) that user uses to authenticate (via supplying a username and...

How do I manage access in Windows Identity Foundation without raising exceptions?

In the Windows Identity Foundation (WIF), there is a class called ClaimsPrincipalPermission. The documentation on MSDN is very sparse. It states: ClaimsPrincipalPermission represents the permission required to access a resource. ClaimsPrincipalPermission takes in a string that represents the resource to be accessed, and a string t...

Simplest way to authenticate users across multiple websites/applications in .NET

The ways I can think of are: Use Windows Identity Foundation (WIF). I have never done this so is a black box and risky. Use Forms Authentication or similar, then use database replication to make sure each application has access to the data store. No doubt there are other options. More info: This is for an internet solution, not intr...

Should not redirect to passive STS for WCF services hosted at an ASP.NET site

Hello, Summary: My passive STS redirect for browser clients appears to be interfering with an active WCF service that wants to invoke an operation on a service hosted on the same site. Details: I have an ASP.NET 4.0 website that's hosting a Silverlight application, to which my users authenticate by being redirected to a passive STS. ...

Windows Identity Foundation sample MVC application

Is there a sample application for using WIF with an ASP.NET MVC application? Can someone help me get started trying to integrate both of these technologies? ...

Configure Active Relying Party STS to Trust Multiple Identity Provider STSes

I am struggling with the configuration for the scenario below. I have a custom WCF/WIF STS (RP-STS) that provides security tokens to my WCF services RP-STS is an "Active" STS RP-STS acts as a claims transformation STS RP-STS trusts tokens from many customer-specific identity provider STSes (IdP-STS) When a WCF Client connects to a ser...

Active and Passive Federation in WIF

I am trying to understand the difference between Active and Passive federation in WIF. It appears that one would use an Active Federation if the Relying Party (RP) is a WCF Service instead of an ASP.NET application and a Passive Federation if the RP is an ASP.NET application. Is this accurate? So, in a scenario in which an ASP.NET appli...

Why does web client require Passive STS when using WIF

I have a web application and would want it to be secured using a Custom STS using Windows Identity Foundation 3.5. All examples have a passive STS in scene. Why is this needed? And what happens if you call the Active STS (custom written using WIF) directly? ...

WCF service consuming passively issued SAML token

What is the best way to pass an existing SAML token from a website already authenticated via a passive STS? We have built an Identity Provider which is issuing passive claims to the website for authentication. We have this working. Now we would like to add some WCF services into the mix - calling them from the context of the already a...

How to set up WCF Data Services with username/password and certificates?

I have an application where I want to connect to a server using WCF DS with username/password. In addition I want each client to also have a certificate (different for each client). How can I solve this in the most simple way? It must be simple to deploy new certificates to the client. ...