App Scenario – ASP.NET Claims Auth to WCF

- J.D. Meier, Paul Enfield.

Scenario

Scenario - Service 3 - ASP Claims Auth to WCF - scenario.JPG

Solution

Scenario - Service 3 - ASP Claims Auth to WCF - solution.JPG

Solution Summary Table

Area Notes
Authentication * ASP.NET application is claims aware
* Users are authenticated against the application through an identity provider (STS)
* Application connects to WCF using the original caller identity
* Application obtains an ActAs token from the STS
* Application provides token to WCF service for authentication
* Trust relationship between application and STS is pre-configured
* Trust relationship between WCF service and STS is pre-configured
Authorization * Authorization logic is implemented in WCF service against provided claims
Communication * App->STS communication is via HTTP
* App->WCF communication is via HTTP
* WCF->STS communication is via HTTP
* WCF service binding is ws2007FederationHttpBinding

Analysis

Contributors and Reviewers

  • External Contributors and Reviewers: Adam Grocholski Kevin Lam , Michelle Leroux Bustamante, Terrance Snyder
  • Microsoft: Scott Densmore; Vidya Vrat Agarwal

Last edited May 28, 2010 at 12:06 AM by paulenfield, version 3

Comments

No comments yet.