browse.develop.com
Browse.develop.com is a community that was established to collect and organize valuable web information. Our technical staff have selected and indexed information and courses that they feel will help you stay current on best practices across the SDLC.

3 Articles match "Security Token","WCF"

Related DevelopMentor Courses MORE
Advanced Windows Communication Foundation
In this course, you learn to: Understand the motivation and architecture behind SOA & WCF Create clients and services with WCF Expose your services using SOAP and REST Choose between different channels, bindings, and configuration options Host a service as a Windows service or in IIS/WAS Authenticate and authorize access to services Federate services using tokens and claims Span transactions across service boundaries Add reliability using transport and message mechanisms Extend WCF by writing custom behaviors and creating custom channels Advanced Windows Communication Foundation presents
DevelopMentor Courses - Monday, March 1, 2010
READ MORE
Essential Windows Communication Foundation
In this course, you learn to: Understand the motivation and architecture behind SOA & WCF Create clients and services with WCF Expose your services using SOAP and REST Choose between different channels, bindings, and configuration options Host a service as a Windows service or in IIS/WAS Deal with concurrency and sessions in WCF Handle errors in services Authenticate and authorize access to services Federate services using tokens and claims Span transactions across service boundaries Add reliability using transport and message mechanisms Extend WCF by writing custom behaviors and creating
DevelopMentor Courses - Friday, June 12, 2009
READ MORE
.NET Security
Identify and prioritize risks and vulnerabilities in applications Protect data using encryption and signatures Impersonate and delegate Windows credentials Integrate with Windows domains and network authentication Write sandboxed applications Avoid common security threats like cross-site scripting or SQL injection Use CardSpace to authenticate users Secure communication with WCF Authenticate and authorize users in ASP.NET Security is a feature. But not every security feature is also a secure feature. Essential .NET NET Security gives you the necessary
DevelopMentor Courses - Friday, June 12, 2009
READ MORE

13 Articles match "Security Token","WCF"

The Latest from DevelopMentor MORE
Using SAML as a Client Credential Type in WCF (updated to WIF RTM)
The main work was in the SAML security token handler Validate method, this looks now like public override ClaimsIdentityCollection ValidateToken( SecurityToken token) { if (token == null ) { throw new ArgumentNullException ( "token" ); } var samlToken = token as SamlSecurityToken ; if (samlToken == null ) { throw new ArgumentException ( "token" ); A reader has asked me to update the Client SAML sample to WIF RTM (for background and and
www.leastprivilege.com - Thursday, February 4, 2010
READ MORE
Adding a REST Endpoint to a WIF Token Service
Sometimes it is useful to have a really simple way to acquire a token from a token a simple GET request against a token issuance endpoint seems to fulfill that requirement. So I decided to a add a simple HTTP endpoint to my STS using the WCF web programming service – without having to fiddle around with WS-Federation or WS-Trust. Issuing
www.leastprivilege.com - Friday, September 11, 2009
READ MORE
Geneva Framework Quick Tip: Hosting a Security Token Service
The idea of the security token service infrastructure in Geneva is, that it is completely The key to STS hosting (and that’s btw what the WCF WSTrustServiceContract class or the FederatedPassiveSignin web control does) is to create a token service host agnostic. The STS itself expects a RequestSecurityToken and returns
www.leastprivilege.com - Wednesday, May 27, 2009
READ MORE
  • The Best from DevelopMentor MORE
  • Thinktecture Security Token Service Starter Kit
    a learning tool on how to write custom token services. Some features: active and passive security token service supports WS-Federation, WS-Trust 1.3 (message tokens based on the standard membership, roles and profile provider infrastructure membership provider is used to authenticate users and to provide a name and email claim role provider is used for authorization in the web front-end and to provider role claims profile provider I am happy to announce the “Thinktecture STS Starter Kit” sample.
    www.leastprivilege.com - Monday, May 25, 2009
    READ MORE
  • Geneva is the new WCF Security
    Geneva has evolved to not only a an extension to WCF/ASP.NET for STS/token related things - it also changes how base WCF security works - to the better IMO. to message vs transport based security - see here , here and here ). Another big simplification with Geneva Let me give you an example: Trusted certificate issuers When doing client certificate based authentication you always had three choices
    www.leastprivilege.com - Thursday, October 30, 2008
    READ MORE
  • Geneva Framework Quick Tip: Hosting a Security Token Service
    The idea of the security token service infrastructure in Geneva is, that it is completely The key to STS hosting (and that’s btw what the WCF WSTrustServiceContract class or the FederatedPassiveSignin web control does) is to create a token service host agnostic. The STS itself expects a RequestSecurityToken and returns
    www.leastprivilege.com - Wednesday, May 27, 2009
    READ MORE
  • (SAML) Token Creation in a Geneva STS
    tokens, it’s worthwhile to have a closer look. Internally the SecurityTokenService class drives a “token information gathering” token neutral description) of the token to be issued. passed on to a SecurityTokenHandler that creates the security token. By default, Geneva STS developers are quite shielded from the SAML creation process – you simply derive from SecurityTokenService and implement GetScope and GetOutputClaimsIdentity , and the rest gets done by the framework.
    www.leastprivilege.com - Saturday, November 22, 2008
    READ MORE
  • Geneva integration into WCF
    Having done quite a bit of WCF customization myself, it is fun to see how Geneva framework wires itself up into the WCF runtime. The high-level goals are as follows: route the token provisioning, serialization and authentication through the Geneva pipeline make an IClaimsPrincipal available on the service side allow setting issued tokens directly on a ChannelFactory On the service side this is achieved by passing in a ServiceHost instance into FederatedServiceCredentials.ConfigureHost() .
    www.leastprivilege.com - Thursday, March 12, 2009
    READ MORE
  • Using the .NET Access Control Service with Geneva
    The sample uses the “old” WCF plumbing to process tokens and create claims based on compat STS) at the ACS your client obtains a token from the ACS (by sending their identity token) this token is used to authenticate with your service your service accepts tokens from the ACS and uses their claims for identity related work For your service this means If you haven’t checked out the .NET NET Access Control Service yet – I can highly recommend
    www.leastprivilege.com - Thursday, December 11, 2008
    READ MORE
  • Using SAML as a Client Credential Type in WCF (updated to WIF RTM)
    The main work was in the SAML security token handler Validate method, this looks now like public override ClaimsIdentityCollection ValidateToken( SecurityToken token) { if (token == null ) { throw new ArgumentNullException ( "token" ); } var samlToken = token as SamlSecurityToken ; if (samlToken == null ) { throw new ArgumentException ( "token" ); A reader has asked me to update the Client SAML sample to WIF RTM (for background and and
    www.leastprivilege.com - Thursday, February 4, 2010
    READ MORE