Adding Claims-based authorization to MVC 3

Question

I have an MVC app that I would like to add claims-based authorization to. In the near future we will use ADFS2 for federated identity but for now we will used forms auth lo

Answer 1

WIF is designed to use a STS so if you don't want to do that, then you essentially have to re-invent the wheel as per the article.

When you move to ADFS, you will pretty much have to re-code everything.

Alternatively, have a look at StarterSTS, This implements the same kind of aspnetdb authentication that you need but allows WIF to do the heavy lifting. Then when you migrate to ADFS, you simply have to run FedUtil against ADFS and it will all work without any major coding changes.

(BTW, there is a MVC version - a later implementation - here).