ACS Configuration For Development and Production Or Staging

During the work on Securing Windows Azure Web Role ASP.NET Web Application Using Access Control Service v2.0 I needed to handle both Compute Emulator and actual Windows Azure deployment in the context of ACS. By handle I mean that I needed to constantly change web.config entries and those that are managed by ACS Management Portal.

To reduce the amount of places I need to go and change configuration values I have created two Relying Parties – one for dev and one for Windows Azure. The difference between the two was in Return URL and Realm.

If you will try to assign same realm values to both Relying Parties you will receive an error:

There is already a Relying Party with this Realm.

Before deploying to Windows Azure I needed to make teh following changes in web.config:

• value attribute in add node under audienceUri.
• realm attribute in wsFederation node under federatedAuthentication.

These manipulations probably caused me to do some troubleshooting as outlined in Invalid Web.Config Caused Failure To Deploy ASP.NET App To Windows Azure: “All role instances have stopped”, “Busy”, “Aborted”, “Recovering role...”, “Preparing node…”, so make sure you deploy valid web.config to Windows Azure next time.

Related Materials

• Windows Azure: Changing Configuration In Web.Config Without Redeploying The Whole ASP.NET Application
• Widows Azure Content And Guidance Map For Developers – Part 1, Getting Started
• Widows Azure Content And Guidance Map For Developers – Part 2, Case Studies
• New Content Available For Windows Azure Developers - Windows Azure Code Quick Launch Samples and Walkthroughs