browse.develop.com
Browse.develop.com is a community that was established to collect and organize valuable web information. Our technical staff have selected and indexed information and courses that they feel will help you stay current on best practices across the SDLC.

6 Articles match "Security Token","WCF"

Related DevelopMentor Courses MORE
Windows Azure Platform: Cloud Computing for.NET Developers
Security token services play a central part in making this happen. Microsoft provides a ready to use token service for Active Directory networks called ADFS 2. This module gives guidance when to use which approach and shows some of the security scenarios you can accomplish using federation and single sign-on in Windows Azure. It enables easy integration into WS-Trust, WS-Federation, OpenID and OAuth world of protocols and features a simple claims transformation engine for creating the claims and token types for your applications.
DevelopMentor Courses - Wednesday, February 22, 2012
READ MORE
Essential Windows Identity Foundation
This gives you the expressiveness to model authentication, authorization and personalization using an abstraction that can scale very well from simple scenarios to the most complex security requirements. ? You will learn how to integrate these technologies with ASP.NET and WCF applications and how to design systems that make optimal use of these new concepts. Claims-based identity is the new and preferred way to model security in distributed applications. ?xml:namespace The authentication part is called identity provider or in more general terms - a security token service.
DevelopMentor Courses - Wednesday, February 22, 2012
READ MORE
Essential Windows Identity Foundation
This gives you the expressiveness to model authentication, authorization and personalization using an abstraction that can scale very well from simple scenarios to the most complex security requirements. ? You will learn how to integrate these technologies with ASP.NET and WCF applications and how to design systems that make optimal use of these new concepts. Claims-based identity is the new and preferred way to model security in distributed applications. ?xml:namespace The authentication part is called identity provider or in more general terms - a security token service.
DevelopMentor Courses - Thursday, August 18, 2011
READ MORE

23 Articles match "Security Token","WCF"

The Latest from DevelopMentor MORE
Identity in.NET 4.5–Part 3: (Breaking) changes
This makes it much easier to deal with non-XML tokens like SWT or JWT. new session security token handler that uses the ASP.NET machine key to protect the cookie. WCF can be switched into “WIF mode” with the useIdentityConfiguration switch (odd name though). Configuration section has been split into and <system.identityModel.services /> WCF configuration story has changed as well. Bootstrap token handling is different now. The WCF WS-Trust bindings are gone. I recently started porting a private build of Thinktecture.IdentityModel to.NET 4.5
www.leastprivilege.com - Wednesday, April 4, 2012
READ MORE
2011 Recap
That gig ended in July, when I picked up some WCF work in Fort Worth building an external-facing REST-ful WCF service, as well as some internal-facing queued WCF services. That morphed into a project building a Security Token Service using Windows Identity Foundation by customizing the Thinktecture Identity Server authored by Dominick Baier. With the advent of my toolkit, I started blogging more often, holding forth on a variety of topics, including WCF, REST, Data Services, ASP.NET MVC, and the Onion Architecture. So what’s next for blogging? Persona
Tony and Zuzana's World - Tuesday, January 31, 2012
READ MORE
Thinktecture IdentityServer v1.0
Thinktecture IdentityServer is an open source security token service based on Microsoft.NET, ASP.NET MVC, WCF and WIF. Multiple token support (SAML 1.1/2.0, Yeah – it is finally done. just uploaded the v1 bits to Codeplex and the documentation to our server. Here’s the official blurb…. High level features. Multiple protocols support (WS-Trust, WS-Federation, OAuth2, WRAP, JSNotify, HTTP GET). Out of the box integration with ASP.NET membership, roles and profile. Support for username/password and client certificates authentication. Support for WS-Federation metadata.
www.leastprivilege.com - Tuesday, December 6, 2011
READ MORE
  • The Best from DevelopMentor MORE
  • Custom WCF Credential Types
    Every once in a while the question comes up how to extend WCF with custom credential types. It turns out that most of the time people don’t really want to invent custom tokens or credential types, but rather want to extend username/password style of credentials (e.g. Unfortunately the UserName token does not support this type of extensibility but there are several options to accomplish this: If your extensibility requirements are very simple you could try to encode all the information into the username and password fields of a UserName credential.
    www.leastprivilege.com - Monday, March 9, 2009
    READ MORE
  • Token based Authentication for WCF HTTP/REST Services: Authentication
    This post shows some of the implementation techniques for adding token and claims based security to HTTP/REST services written with WCF. The framework should be able to handle typical scenarios like username/password based authentication, as well as token based authentication. The framework should allow adding new supported token types. Should work with WCF web programming model either self-host or IIS hosted. In WCF the main extensibility point for this kind of security work is the ServiceAuthorizationManager. Disclaimer. Error handling.
    www.leastprivilege.com - Tuesday, November 15, 2011
    READ MORE
  • Securing a Workflow Service using Windows Identity Foundation
    The way security is often still handled these days with each application keeping track of their own users is somewhat dated. Some form of Federated security, where a single separate server is responsible for the security of a whole series of applications, is the way to go. On the internet there are plenty of examples of this with applications using things like OAuth and leaving their security to others. How about securing a workflow service? As a workflow 4 service is just another WCF service securing it is just as easy as the steps below will demonstrate.
    The Problem Solver - Friday, September 24, 2010
    READ MORE
  • Token based Authentication and Claims for Restful Services
    While there is limited support for WCF WebServiceHost based services (for standard credential types like Windows and Basic), there is no ready to use plumbing for RESTful services that do authentication based on tokens. This is not an oversight from the WIF team, but the REST services security world is currently rapidly changing – and that’s by design. There are a number of intermediate solutions, emerging protocols and token types , as well as some already deprecated ones. In (todays) WCF, you would use the ServiceAuthorizationManager infrastructure.
    www.leastprivilege.com - Tuesday, November 15, 2011
    READ MORE
  • Thinktecture IdentityServer v1.0
    Thinktecture IdentityServer is an open source security token service based on Microsoft.NET, ASP.NET MVC, WCF and WIF. Multiple token support (SAML 1.1/2.0, Yeah – it is finally done. just uploaded the v1 bits to Codeplex and the documentation to our server. Here’s the official blurb…. High level features. Multiple protocols support (WS-Trust, WS-Federation, OAuth2, WRAP, JSNotify, HTTP GET). Out of the box integration with ASP.NET membership, roles and profile. Support for username/password and client certificates authentication. Support for WS-Federation metadata.
    www.leastprivilege.com - Tuesday, December 6, 2011
    READ MORE
  • Limiting which user can access service using the Windows Identity Foundation
    In my previous blog post I demonstrated how to secure a workflow service using the Windows Identity Foundation. Using an STS we don’t get the user credentials from the client application but we do get a lot of information in the form of security tokens from the STS my means of a SAML header. Tags: NET Workflow WCF WF4 VS2010 WIF With this in place we only allow users that are trusted by the STS Dominick Baier wrote. That is nice but in some cases we might not want all users to be able to perform all actions. result = (from i in context.Principal.Identities. Enjoy!
    The Problem Solver - Monday, September 27, 2010
    READ MORE
  • Identity in.NET 4.5–Part 3: (Breaking) changes
    This makes it much easier to deal with non-XML tokens like SWT or JWT. new session security token handler that uses the ASP.NET machine key to protect the cookie. WCF can be switched into “WIF mode” with the useIdentityConfiguration switch (odd name though). Configuration section has been split into and <system.identityModel.services /> WCF configuration story has changed as well. Bootstrap token handling is different now. The WCF WS-Trust bindings are gone. I recently started porting a private build of Thinktecture.IdentityModel to.NET 4.5
    www.leastprivilege.com - Wednesday, April 4, 2012
    READ MORE
%>