Are there any decent examples of the following available: Looking through the WIF SDK, there are examples of using WIF in conjunction with ASP.NET using the WSFederationAuthenticationModule (FAM) to redirect to an ASP.NET site thin skin on top of a Security Token Service (STS) that user uses to authenticate (via supplying a username and...
Is there a sample application for using WIF with a ASP.NET MVC application? Can someone help me get started trying to integrate both of these technologies? ...
I am trying to understand the difference between Active and Passive federation in WIF. It appears that one would use an Active Federation if the Relying Party (RP) is a WCF Service instead of an ASP.NET application and a Passive Federation if the RP is an ASP.NET application. Is this accurate? So, in a scenario in which an ASP.NET appli...
I have a need to implement a STS-IP server for our web applications and services. The server will need to issue SAML tokens for the following scenarios: Business partner submits their SAML token which is converted to a SAML token with the claims required for our applications. This token is used to access our Web Applications and Serv...
I have WinForms and ASP.Net applications that need to access WCF Web and Data services using a SAML token. I've been looking at Windows Identity Foundation (WIF) to enable the WCF service to use SAML tokens from an STS-IP. On the client, do I make a call to the STS and get a SAML token, then pass the token to the WCF service? if so, h...
Is it possible to style the Windows Identity Foundation postback page? This is the page that comes across as blank after you successfully login and the url is similar to https://sts.address.com/?wa=wsignin1.0&wtrealm=https.... ...
I'm trying to evaluate whether to use classic Principal based authorization vs. IdentityModel authorization. It seems like Microsoft is recommending the latter these days, but I haven't seen enough in terms of maturity or support for it. Specifically, I really like the ability to set a PrincipalPermissionAttribute and allow the framework...
Is it possible to share the claims based authentication of a logged in Sharepoint 2010 user with a separate Asp.net application? The following article describes how it was done using Sharepoint 2007 and forms authentication through forms auth and sharing machine keys etc however I cannot find any information regarding the external appl...
I want to configure the timeout duration that is applied to the cookies that are created on relying party after a user logs in through the passive Security Token Service (STS). I believe I read somewhere this is defaulted to 14 minutes however I can't find where I read this any longer. I would like to up this to a more reasonable 35 mi...