Browse by Tags

All Tags » WIF (RSS)
WIF is an excellent framework that allows you to develop an STS in just a few minutes if you know exactly what you are doing of course :). In my role as consultant and architect in Tellago, I went through several projects in which some level of customization...
Posted by cibrax | 6 comment(s)
Filed under: , , ,
Configuring a WCF service to use federated authentication in an organization is not something trivial as it requires some good knowledge of the available security settings, and more precisely, how to talk to the existing security token services with the...
Posted by cibrax
Filed under: , , ,
A time ago I discussed how a custom REST Starter kit interceptor could be used to parse a SAML token in the Http Authorization header and wrap that into a ClaimsPrincipal that the WCF services could use. The thing is that code was initially created for...
Posted by cibrax | 4 comment(s)
I discussed a time ago how WIF supported a new WS-Trust 1.4 element, “ActAs”, and how that element could be used for authentication delegation.  The thing is that there is another feature in WS-Trust 1.4 that also becomes handy for this kind of scenario...
Posted by cibrax
Filed under: , ,
Dominick just blogged what I think is one of the best ways to provide claim based security for RESTful services at the moment. The idea of using simple web tokens for RESTful services I’ve been in my head for a while, but I was not able to find enough...
Posted by cibrax | 1 comment(s)
Filed under: , ,
The Federation Authentication Module (FAM) shipped as part of WIF protects by the default the session cookies from being tampered with in passive scenarios using DPAPI. As I mentioned in the past, this technique simplifies a lot the initial deployment...
Posted by cibrax | 2 comment(s)
Filed under: , ,
WS-Trust 1.4 introduced a new feature called as “ActAs” for addressing common scenarios where an application needs to call a service on behalf of the logged user or a service needs to call another service on behalf of the original caller. These are typical...
Posted by cibrax | 7 comment(s)
Filed under: , , ,
WIF will be finally supported in W2k3. This has represented a big barrier for the adoption of WIF in one of my customers for a while, but it looks like now I will able to use it after December :).  This is the official announcement made by the Geneva...
Posted by cibrax
Filed under: ,
More Posts