Write a custom security token and handler in Windows Identity Foundation

In this article I will demonstrate how to write a token handler for a custom token in Windows Identity Foundation (WIF). The likely circumstances for requiring a new token type are: The token type is pre-existing and needs to be federated The new token type is an extension to a token type already supported by…

2

Handling optional claims with the ADFS Claims Rule Language

It is a perfectly normal scenario for claims to be optional in a token. For example, a SAML assertion may contain the mandatory claims: http://www.contoso.com/claims/givenname http://www.contoso.com/claims/surname and optionally the claim: http://www.contoso.com/claims/dateofbirth The ADFS Claims Rule Language is designed to allow claims from incoming tokens to be used to query data stores for additional claims. At…

2

Mutual authentication with a IIS hosted WCF data service installed in a workgroup environment

This post covers the steps required to secure communication between a WCF client and a WCF data service using mutual certificate authentication. The client/service topology is depicted below: Both the client and server run on a Windows Server 2008 R2 virtual machine with Windows SDK 7.1, Visual Studio 2010, SQL Server Express 2008 R2 and…

2

Windows Azure toolkit for Windows Phone 7

Hi all I am having great fun playing with this toolkit to see how WP7 apps can be properly secured using the Azure Access Control Service (ACS). I hit a couple of problems while trying to create a new ‘Windows Phone Cloud Application’ project in Visual Studio though, at the following screen: 1) Make sure the ACS namespace is…

0