ASP.NET: Authentication With SWT Token Using Windows Azure ACS and WIF Custom Token Handler

This is first part of the overall scenario that should answer the following question:

How I can flow security context of end user through tiers between ASP.NET web app and the downstream REST WCF service?

Uploaded sample code to MSDN Code Gallery that shows how to use SWT token issued by Windows Azure Access Control Service (ACS). The bits are here:

• ASP.NET Security: SWT With Windows Azure ACS and WIF Custom Token Handler

The plan is next to add another Visual Studio Project to the solution based on the following walkthrough:

• How To: Authenticate to a REST WCF Service Deployed to Windows Azure Using ACS

The idea is simple – create one relying party in Windows Azure ACS and share the issued SWT token between the ASP.NET app and REST service. The challenge here is that WIF does not come with ready to use SWT token implementation and SWT token handler. To solve this scenario the code sample implements custom token handler, cannibalized from the following sample:

• Code Sample: Windows Phone 7 Application

Related

• Identity Flow Through Physical Tiers - ActAs Delegaton
• Calling REST Service On Behalf Of End User - OAuth 2.0 Delegation
• ASP.NET Relying Party to WCF (SOAP) Relying Party Delegation With Windows Live ID