So, I was talking the other day about the AuthenticationServices class in Atlas. To get this working, you have to do a couple of things security wise. At this point, it is definitely not something that you just drop in and start working on.
- ScriptLibrary. You need to allow the Atlas .js files to be readable by anonymous users. If not, you can't call to authenticate.
- ScriptServices/Microsoft/Web/Services/Standard folder. This virtual folder needs to have its settings set to allow anonymous access or you can't hit the web service.
- web.config. I have found that the "master" web.config settings need to be supplemented by web.config files in the appropiate places. Just adding a <location> tag in the master web.config does not seem to work for Rama and me. http://forums.asp.net/1199226/ShowPost.aspx
I figure that these are just rough edges that will be smoothed out going forward. After, the product is still pretty early on.
Also, thanks to Scott Forsyth for helping me with the security issues. Scott is a great guy.