wif

I am converting a active profile STS to the new .NET 4.5 System.IdentityModel framework. My code using the UserNameWSTrustBinding which doesn't seem to exist in the new framework. Any suggestions. Although this is an old question, I couldn't find any non-third-party answer on the internet, so here it is: To replace UserNameWSTrustBinding in .NET 4.5, use the following: var binding = new WS2007HttpBinding(SecurityMode.{what it was before}); binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName; I ported the WCF bindings to thinktecture identity model: https://github.com

UserManagerFactory = () => new UserManager<IdentityUser>(new UserStore<IdentityUser>()); OAuthOptions = new OAuthAuthorizationServerOptions { TokenEndpointPath = new PathString("/Token"), Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory), AuthorizeEndpointPath = new PathString("/api/AccountOwin/ExternalLogin"), AccessTokenExpireTimeSpan = TimeSpan.FromDays(14), AllowInsecureHttp = true }; From which IdentityUser,UserStore comesform entity framework. I want to use my database instead of local db, I generated the "generate" script from the local db tables and I created

We are using WIF authentication, and we have an issue that pops up on occassion where a users cookie gets in a bad state. The exception that gets thrown is: System.InvalidOperationException: ID1073: A CryptographicException occurred when attempting to decrypt the cookie using the ProtectedData API (see inner exception for details). If you are using IIS 7.5, this could be due to the loadUserProfile setting on the Application Pool being set to false. ---> System.Security.Cryptography.CryptographicException: Key not valid for use in specified state. at System.Security.Cryptography.ProtectedData

Maybe this question highlights how little I know about claims identity management, but here it goes. If using WIF within an application that uses a third party STS for Identity and that uses custom claims for authorization ( something pertinent and specificto the application like CanCreateFooBar ) 1) How do I manage the users? Ie, the users from say AD or other membership provider can be identified, but internally in my system i need to know about them and have more user information that has nothing to do with Identity ( so it woulndt really make sense to have this info available outside the

I have followed this article to build demo app with on-premise ADFS federation. http://www.cloudidentity.com/blog/2014/02/12/use-the-on-premises-organizational-authentication-option-adfs-with-asp-net-in-visual-studio-2013/ I am able to get needed information for user using simple code Dim UserEmail = System.Security.Claims.ClaimsPrincipal.Current.FindFirst(System.IdentityModel.Claims.ClaimTypes.Email).Value But how I can get user groups where the username belongs and check if user account is member of Windows group in Active Directory? I have tried to use System.Security.Claims.ClaimsPrincipal

I have an application set up with Azure ACS and .net 4.5 using claims. My application uses dropbox also. I was wondering if i could let users identify them self with dropbox alone. I get a token from dropbox when the user logs in with dropbox and a unique id. Where in the .net pipe do i tell it that i have authenticated a user, such the principals are set on the next request also. To make the example simple, lets say i have a form with two inputs. name,pass. If the name is 1234 and pass is 1234. then i would like to tell the asp.net pipeline that the user is authenticated. Is this possible? or

A WIF-based WCF service needs to call method FederatedServiceCredentials.ConfigureServiceHost() , or put the equivalent element <federatedServiceHostConfiguration> in the web.config file, to work. This is a setting on the service level, in other words it applies for all endpoints. According to the method documentation, the ServiceHostBase instance is modified in several WIF-specific ways. For example, the authorization is replaced by a WIF-based authorization class. Now I'd like to have a single <service> (inside <system.serviceModel><services> ) with multiple <endpoint> s, where one endpoint