Windows Identity Foundation (WIF) Configuration – Part I

The information in this post is based on Windows Identity Foundation Config.xml file that ships with WIF SDK.

To use the Windows Identity Foundation Framework to create an ASP.NET website that acts as a Information Card or WS-Federation relying party:

1. Reference the Microsoft.IdentityModel assembly
2. Register the HTTP module
3. Register the configuration section

Reference the Microsoft.IdentityModel assembly

You must reference the Microsoft.IdentityModel assembly from the system.web/compilation section of your web.config.

 <configuration>

  ...

  <system.web>

    ...

    <compilation>

      <assemblies>

        <add assembly="Microsoft.IdentityModel, Version=0.6.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />

      </assemblies>

    </compilation>

    ...

  </system.web>

  ...

</configuration>

Register the HTTP module

Support for relying party has been built using the following ASP.NET modules:

• SessionAuthenticationModule
• WSFederationAuthenticationModule
• ClaimsPrincipalHttpModule

Depending on your scenario you will include one or more of these modules.

 

• For "classic" ASP.NET (includes IIS6 or IIS7 with a "classic" application pool)

 <configuration>

  ...

  <system.web>

    ...

    <httpModules>

      <add name="WSFederatedAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederatedAuthenticationModule, Microsoft.IdentityModel, Version=0.6.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>

    </httpModules>

    ...

  </system.web>

  ...

</configuration>

• For IIS7 "integrated" mode

 <configuration>

  ...

  <system.webServer>

    ...

    <modules>

      <add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=0.6.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler"/>

    </modules>

    ...

  </system.webServer>

  ...

</configuration>

Register the configuration section

In order to use the rest of the configuration described by this file in your web.config, you must reference MicrosoftIdentityModelSection from the configSections section of your web.config.

 <configuration>

  ...

  <configSections>

    <section name="microsoft.identityModel" type="Microsoft.IdentityModel.Web.Configuration.MicrosoftIdentityModelSection, Microsoft.IdentityModel, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>

  </configSections>

  ...

</configuration>

 

Related Books

• Programming Windows Identity Foundation (Dev - Pro)
• A Guide to Claims-Based Identity and Access Control (Patterns & Practices) – free online version
• Developing More-Secure Microsoft ASP.NET 2.0 Applications (Pro Developer)
• Ultra-Fast ASP.NET: Build Ultra-Fast and Ultra-Scalable web sites using ASP.NET and SQL Server
• Advanced .NET Debugging
• Debugging Microsoft .NET 2.0 Applications

Related Info

• Windows Identity Foundation (WIF) Questions & Answers - Vol. 1
• Windows Identity Foundation (WIF) and Azure AppFabric Access Control (ACS) Service Survival Guide
• Windows Identity Foundation (WIF) Fast Track
• Windows Identity Foundation (WIF) Code Samples
• Windows Identity Foundation (WIF) SDK Help Overhaul