wif

Using Custom RoleProvider with Windows Identity Foundation - STS

穿精又带淫゛_ submitted on 2019-12-06 04:07:08
I created an STS that does the authentication part. It uses Custom Membership provider. After successful login I get redirected to my RP website. All works fine in terms of authentication. I have a CustomRolesProvider defined in web.config of my RP website. It uses the username returned by STS to fetch the roles for that user from RP's database. When I use Roles.GetRolesForUser I do get the right roles. I have the following in the web.config of my RP to allow only admin to give access to admin folder. And the sitemap provider has securityTrimmingEnabled="true"
<location path="admin">

How do I configure WCF to use a custom Realm in URN format with Azure ACS?

柔情痞子 submitted on 2019-12-05 22:31:29
How do I make my WCF client authenticate using the ACS to my internally hosted WCF service? The issue revolves around setting a custom Realm (which I can't figure out how to set.) My ACS is configured similar to the ACS Samples however the "Realm" is defined as shown below.
Excerpt from Azure ACS Configuration page
Client Side Code
EndpointAddress serviceEndpointAddress = new EndpointAddress(
    new Uri("http://localhost:7000/Service/Default.aspx"),
    EndpointIdentity.CreateDnsIdentity(GetServiceCertificateSubjectName()),
    new AddressHeaderCollection());
ChannelFactory<IStringService>

How to authenticate a request from a c# application to a WIF enabled ASP.NET WebApi application using a SAML assertion

对着背影说爱祢 submitted on 2019-12-05 10:13:34
Question: I have set up ThinkTecture identity server as an STS, have set up a web api project, and used the "identity and access" tool in Visual Studio and pointed it to my federation metadata to enable federated authentication using WIF. This is what the related portion of web.config looks like:
<system.identityModel>
  <identityConfiguration saveBootstrapContext="true">
    <audienceUris>
      <add value="http://localhost:41740/" />
    </audienceUris>
    <securityTokenHandlers>
      <add type="System.IdentityModel.Tokens

WIF, STS and Membership tables

蹲街弑〆低调 submitted on 2019-12-05 09:58:19
I'm currently looking into using WIF for an upcoming project and would appreciate some help finding information. I've looked around a bit and don't have a decisive answer. I have a current site that runs off ASP membership, and I have a large number of users in those tables. Are there any trusted custom STS's out there that use the membership table? Would my current site, which uses ASP membership, require much change to use WIF and an STS? Do I have to use a certificate when using WIF? What is the difference between ADFS and ASP Membership implementation? Are there any easier MS based solutions

How do I remove an existing claim from a ClaimsPrincipal?

扶醉桌前 submitted on 2019-12-05 09:14:01
Question: I am making a developer tool for impersonating Roles for an intranet site to allow developers to quickly act as any Role as needed. Roles defined are Developer, Team Lead, Team Member, Engineering, Marketing, Guest and a tool on the web page makes a call to a Web Api to add or remove the Claim ... well I can add but can't seem to find out where the .RemoveClaim(claim) or .TryRemoveClaim(claim) can be accessed to get this working. Do I have to create a custom claims manager to get this

Implementing SSO in a .NET Web Farm for several e-commerce websites with WIF?

杀马特。学长 韩版系。学妹 submitted on 2019-12-05 04:27:16
I have what I think is a fairly complicated question so I will do my best to articulate it here. I am looking for a single sign on (SSO) solution. I am aware of many of the options out there but have ruled most of them out as I add criteria that they need to meet. Here are the criteria: 1.) The SSO must be added to an existing "system". 2.) The existing "system" consists of "X" number of websites. 3.) All of the "x" websites are e-commerce. 4.) The websites are all owned by company Y, for whom 95% of the system was built in-house. 5.) Each of the "X" number of websites is in the same Web Farm.

WIF manually generate federationmetadata.xml

风格不统一 submitted on 2019-12-05 03:26:32
I am playing with windows identity foundation and I am trying to create an MVC.NET based Security Token Service and use it as the Single Sign On application. My only problem is that I don't know how to generate the federationmetadata.xml file. Is there any tool to generate this file manually?
I created a custom metadata generator that does what VS does when you create the STS project. I had to use Reflection to call the code because as usual everything useful is internal in Microsoft's assemblies. More about it here http://stsmetadataeditor.codeplex.com/ This tool can be used to modify an

Azure WCF Service with Azure Active Directory Authentication

故事扮演 submitted on 2019-12-05 02:36:37
Question: I know this question seems similar to others on here, but I have tried the answers posted here: Securing WCF 4.5 service using Azure ACS 2.0 and here: Federated authentication (single-sign-on) for a WCF REST/HTML-service on Azure. And neither seems to be relevant. Here is what I have so far.
An azure cloud service with various worker roles, and a WCF web role with REST and SOAP Endpoints
An azure active directory account with a couple users
ACS namespace.
The WCF service will be used by a

Reporting Services LocalReport and WIF

六眼飞鱼酱① submitted on 2019-12-05 01:58:15
I have a wcf webservice that uses WIF for authentication. Part of the responsibility of this webservice is to generate a report and email it. If I render the report with data only everything is fine. If I include any report parameters, report constants, or even just DateTime.Now I get the following exception: An error occurred during local report processing. Failed to load expression host assembly. Details: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed I can run the same

ADFS 2.0 Error ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry

…衆ロ難τιáo~ submitted on 2019-12-05 01:21:53
The error: ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry. To accept security tokens from this issuer, configure the IssuerNameRegistry to return a valid name for this issuer. The situation: I have 3 or 4 asp.net apps running on a single IIS server (my QA environment), that this morning began returning this error. I start out on an anonymous site, click a link to a secure section, get redirected to my federation services proxy, authenticate, and am redirected back to my secure page, but this error appears. This link and a bunch of others indicate that the