browse.develop.com
Browse.develop.com is a community that was established to collect and organize valuable web information. Our technical staff have selected and indexed information and courses that they feel will help you stay current on best practices across the SDLC.

3 Articles match "Token","WCF"

Related DevelopMentor Courses MORE
Advanced Windows Communication Foundation
In this course, you learn to: Understand the motivation and architecture behind SOA & WCF Create clients and services with WCF Expose your services using SOAP and REST Choose between different channels, bindings, and configuration options Host a service as a Windows service or in IIS/WAS Authenticate and authorize access to services Federate services using tokens and claims Span transactions across service boundaries Add reliability using transport and message mechanisms Extend WCF by writing custom behaviors and creating custom channels Advanced Windows Communication Foundation presents
DevelopMentor Courses - Monday, March 1, 2010
READ MORE
Essential Windows Communication Foundation
In this course, you learn to: Understand the motivation and architecture behind SOA & WCF Create clients and services with WCF Expose your services using SOAP and REST Choose between different channels, bindings, and configuration options Host a service as a Windows service or in IIS/WAS Deal with concurrency and sessions in WCF Handle errors in services Authenticate and authorize access to services Federate services using tokens and claims Span transactions across service boundaries Add reliability using transport and message mechanisms Extend WCF by writing custom behaviors and creating
DevelopMentor Courses - Friday, June 12, 2009
READ MORE
.NET Security
Identify and prioritize risks and vulnerabilities in applications Protect data using encryption and signatures Impersonate and delegate Windows credentials Integrate with Windows domains and network authentication Write sandboxed applications Avoid common security threats like cross-site scripting or SQL injection Use CardSpace to authenticate users Secure communication with WCF Authenticate and authorize users in ASP.NET Security is a feature. Discover the CLR's native security infrastructure (Code Access Security) and the security architecture behind web applications (ASP.NET), web services
DevelopMentor Courses - Friday, June 12, 2009
READ MORE

31 Articles match "Token","WCF"

The Latest from DevelopMentor MORE
WCF, WIF and Load Balancing (and a bit of Azure)
giving some background information on how session tokens are protected in WIF – here some some additional info for WCF: The The ws* bindings in WCF establish a security session by default (via WS-SecureConversation). This When you want to use WCF in a load balanced environment (e.g Pablo wrote a post yesterday giving This has some implications, e.g. You
www.leastprivilege.com - Thursday, February 18, 2010
READ MORE
Securing WCF Data Services using WIF
Since WCF Data Services is just a normal WCF service (using the web programming model), all For accepting and converting more advanced token types like SWT or SAML, you need to plugin your own token handling. gave it a try for SWT tokens (see here for the This questions comes up every once in a while.. Since all the typical security APIs and extensibility points apply. That
www.leastprivilege.com - Monday, February 15, 2010
READ MORE
Integrating Simple Web Tokens (SWT) with WCF REST Services using WIF
The Simple Web Token (SWT) is a new & simple token format that was created by Microsoft, uses this token type. Why Why yet another token type? The downsides are – it is not a widely adopted token format (current spec version is Microsoft, Google and others. See here for specs.
www.leastprivilege.com - Monday, February 8, 2010
READ MORE
  • The Best from DevelopMentor MORE
  • (SAML) Token Creation in a Geneva STS
    tokens, it’s worthwhile to have a closer look. Internally the SecurityTokenService class drives a “token information gathering” token neutral description) of the token to be issued. passed on to a SecurityTokenHandler that creates the security token. By default, Geneva STS developers are quite shielded from the SAML creation process – you simply derive from SecurityTokenService and implement GetScope and GetOutputClaimsIdentity , and the rest gets done by the framework.
    www.leastprivilege.com - Saturday, November 22, 2008
    READ MORE
  • Geneva is the new WCF Security
    Geneva has evolved to not only a an extension to WCF/ASP.NET for STS/token related things - it also changes how base WCF security works - to the better IMO. Another big simplification with Geneva comes to custom token/credential types (ever tried adding a new credential type of WCF? Let me give you an example: Trusted certificate issuers When doing client certificate based authentication you always had three choices
    www.leastprivilege.com - Thursday, October 30, 2008
    READ MORE
  • Using Silverlight to Access WIF secured WCF Services
    talk a lot about claims, tokens and WIF/ADFS 2 to customers. especially the “story” of Silverlight and WCF/WIF. token from a STS. Those Those of you with WCF background will say: “that’s what the federation bindings in WCF This topic comes up quite often recently – so I hope the title is search engine friendly. Disclaimer: Disclaimer: At the time of this writing, the current version of Silverlight is v3 and
    www.leastprivilege.com - Wednesday, October 28, 2009
    READ MORE
  • Integrating Simple Web Tokens (SWT) with WCF REST Services using WIF
    The Simple Web Token (SWT) is a new & simple token format that was created by Microsoft, uses this token type. Why Why yet another token type? The downsides are – it is not a widely adopted token format (current spec version is Microsoft, Google and others. See here for specs.
    www.leastprivilege.com - Monday, February 8, 2010
    READ MORE
  • Thinktecture Security Token Service Starter Kit
    a learning tool on how to write custom token services. Some features: active and passive security token service supports WS-Federation, WS-Trust 1.3 (message tokens based on the standard membership, roles and profile provider infrastructure membership provider is used to authenticate users and to provide a name and email claim role provider is used for authorization in the web front-end and to provider role claims profile provider is I am happy to announce the “Thinktecture STS Starter Kit” sample.
    www.leastprivilege.com - Monday, May 25, 2009
    READ MORE
  • Using SAML as a Client Credential Type in WCF (with Geneva)
    am not advocating the use of client generated SAML tokens in general, and This whole article is about replacing the UserName token with a SAML token in situations where you need extensibility points that a UserName tokens cannot give you. As I said in my previous post, SAML is an extensible Disclaimer For the motivation for this article please read this here
    www.leastprivilege.com - Monday, March 9, 2009
    READ MORE
  • Geneva integration into WCF
    Having done quite a bit of WCF customization myself, it is fun to see how Geneva framework wires itself up into the WCF runtime. The high-level goals are as follows: route the token provisioning, serialization and authentication through the Geneva pipeline make an IClaimsPrincipal available on the service side allow setting issued tokens directly on a ChannelFactory On the service side this is achieved by passing in a ServiceHost instance into FederatedServiceCredentials.ConfigureHost() .
    www.leastprivilege.com - Thursday, March 12, 2009
    READ MORE