REST WCF: Authentication With SWT Token Issued By Windows Azure Access Control Service (ACS)

This is second part following the first part, ASP.NET: Authentication With SWT Token Using Windows Azure ACS and WIF Custom Token Handler, of the overall scenario that should answer the following question:

How I can flow security context of end user through tiers between ASP.NET web app and the downstream REST WCF service?

Just published code sample on MSDN Code Gallery for the REST WCF part. Bits are here:

• REST WCF With SWT Token Issued By Windows Azure Access Control Service (ACS)

It largely follows the instructions available here:

• How To: Authenticate to a REST WCF Service Deployed to Windows Azure Using ACS

Next is to connect both parts and enable the scenario of flowing the security context of end user through the tier. The challenge will be to make the original SWT token that was issued for the front end ASP.NET web app available to the backend REST WCF service. Will outline in the third and final part of these series of blog posts.

Related

• Identity Flow Through Physical Tiers - ActAs Delegaton
• Calling REST Service On Behalf Of End User - OAuth 2.0 Delegation
• ASP.NET Relying Party to WCF (SOAP) Relying Party Delegation With Windows Live ID