patterns & practices: Windows Azure Security Guidance

Subscribe

Home SOAP Service Scenarios ASP.NET to WCF with Claims

App Scenario – ASP.NET Claims Auth to WCF

- J.D. Meier, Paul Enfield.

Scenario

Scenario - Service 3 - ASP Claims Auth to WCF - scenario.JPG

Solution

Scenario - Service 3 - ASP Claims Auth to WCF - solution.JPG

Solution Summary Table

Area	Notes
Authentication	* ASP.NET application is claims aware
	* Users are authenticated against the application through an identity provider (STS)
	* Application connects to WCF using the original caller identity
	* Application obtains an ActAs token from the STS
	* Application provides token to WCF service for authentication
	* Trust relationship between application and STS is pre-configured
	* Trust relationship between WCF service and STS is pre-configured
Authorization	* Authorization logic is implemented in WCF service against provided claims
Communication	* App->STS communication is via HTTP
	* App->WCF communication is via HTTP
	* WCF->STS communication is via HTTP
	* WCF service binding is ws2007FederationHttpBinding

Analysis

Contributors and Reviewers

External Contributors and Reviewers: Adam Grocholski Kevin Lam , Michelle Leroux Bustamante, Terrance Snyder
Microsoft: Scott Densmore; Vidya Vrat Agarwal

Last edited May 27, 2010 at 11:06 PM by paulenfield, version 3

Comments

No comments yet.

Sign in to add a comment

download

current	Windows Azure Security Notes
date	Wed Aug 4, 2010 at 7:00 AM
status	Beta
downloads	1,889
rating	0 ratings

activity

page views	visits	downloads
116	77	13

Days:
7 7
30 30
All All
Details