Thursday, 20 December 2012
This is a quick post today that might save folks the same trouble I had to go through when upgrading my Windows Identity Foundation (WIF) enabled MVC website to the latest version of .NET. The scenario is that you might want to enrich the claims coming from your STS with additional claims of your choosing. To do this, there is a common technique of creating a class the derives from ClaimsAuthenticationManager and overrides the Authenticate method. Consider this sample ClaimsAuthenticationManager:
The issue we have is that we need to provide an implementation of ITenantRepository here in order to lookup the data for the additional claims we are adding. If you are lucky enough to find the article on MSDN, it will show you how to wire in a custom ClaimsAuthenticationManager using the web.config. I don't want to hardcode references to an implementation of my TenantRepository, so using config is not a great option for me.
In the older WIF model (Microsoft.IdentityModel) for .NET <= 4.0, you hooked the ServiceConfigurationCreated event:
But, in .NET 4.5, all of the namespaces and a lot of the classes are updated (System.IdentityModel). It took me a long time in Reflector to figure out how to hook the configuration being created again. Turns out you need to reference System.IdentityModel.Services and find the FederatedAuthentication class. Here you go:
Tuesday, 04 August 2009
My teammate Vittorio has put out some new guidance and a great new toolkit that shows how to use federation today with Windows Identity Foundation (WIF or Geneva) on Windows Azure. I know this has been a very common request, especially as services move outside of the private datacenters and into the cloud and as vendors try to build true SaaS applications that need to integrate seamlessly into the customer's experience.
As the technologies evolve, the guidance will be kept up to date. For now, this is a great piece of work that gets us past some of the early roadblocks we encountered.