This project is read-only.

App Scenario – REST with AppFabric Access Control

- J.D. Meier, Paul Enfield.


Scenario - REST 1 - REST with Access Control - scenario.JPG


Scenario - REST 1 - REST with Access Control - solution.JPG

Solution Summary Table

Area Comment
Authentication * REST Service deployed in Azure
* App Fabric Access Control Service (ACS) used for access control
* Authentication based on claims provided by ACS
* Trust relationship established between RESTful service and ACS
* Namespace created in ACS to map input claims to output claims
* Client retrieves SWT from ACS, and provides this to REST service to gain access
Authorization * Resource authorization based on claims
Communication * Communication with ACS occurs via oAuth WRAP
* Claims provided by ACS are carried in Simple Web Token (SWT)
* oAuth WRAP messages carried over HTTP

Contributors and Reviewers

  • External Contributors and Reviewers: Adam Grocholski; Kevin Lam; Terrance Snyder
  • Microsoft: Scott Densmore; Vidya Vrat Agarwal

Last edited May 28, 2010 at 12:13 AM by paulenfield, version 6


rajeshba May 23, 2011 at 12:05 AM 
Excellent article. The implementation of this can be found here