Integrating ASP.NET Web Applications With Azure AppFabric Access Control Service (ACS) – Scenario and Solution

Azure AppFabric Access Control Service (ACS) v2 allows integrating Internet authentication mechanisms, such as Windows Live ID, Google, Yahoo!, Facebook, and enterprise identity management systems such as AD via ADFS. It is done based on open protocols such as WS-Trust, WS-Federation, OAuth, OpenID and tokens such as SAML and SWT. This authentication externalization is called federation.

This post answers the following question:

How can I externalize authentication for my ASP.NET Web Application?

Scenario

Solution

Solution Summary

Architecture	Explained Azure AppFabric Access Control Service (ACS) v 2.0 High Level Architecture – Web Application Windows Identity Foundation (WIF) Explained – Web Browser Sign-In Flow (WS-Federation Passive Requestor Profile) SSO, Identity Flow, Authorization In Cloud Applications and Services – Challenges and Solution Approaches
Federation	How-to’s How To: Configure Facebook as an Identity Provider How To: Configure Google as an Identity Provider How To: Configure Yahoo! as an Identity Provider How to: Configure Active Directory Federation Services (ADFS) 2.0 as an Identity Provider
Authentication	How-to’s How to: Configure ASP.NET application for federated authentication with ACS How to: Host Login Login Pages in ACS How to: Host Login Pages in your application
Authorization	Explained Federated Identity: Passive Authentication for ASP.NET with WIF How-to’s How to: Implement RBAC in claims aware ASP.NET application using WIF and ACS - I How to: Implement RBAC in claims aware ASP.NET application using WIF and ACS – II How to: Implement CBAC in claims aware ASP.NET application using WIF and ACS
Identity/Token flow and transformation	How-to’s How to: Transform tokens using Rule Groups How to: Implement token transformation logic using Rules
Trust management	How-to’s How To: Configure trust between ACS and Web Application using Certificates and Keys

Related Books

• Programming Windows Identity Foundation (Dev - Pro)
• A Guide to Claims-Based Identity and Access Control (Patterns & Practices) – free online version
• Developing More-Secure Microsoft ASP.NET 2.0 Applications (Pro Developer)
• Ultra-Fast ASP.NET: Build Ultra-Fast and Ultra-Scalable web sites using ASP.NET and SQL Server
• Advanced .NET Debugging
• Debugging Microsoft .NET 2.0 Applications

Related Info

• Azure AppFabric Access Control Service (ACS) v 2.0 High Level Architecture – Web Application
• Windows Identity Foundation (WIF) Explained – Web Browser Sign-In Flow (WS-Federation Passive Requestor Profile)
• SSO, Identity Flow, Authorization In Cloud Applications and Services – Challenges and Solution Approaches
• Protocols Supported By Windows Identity Foundation (WIF)
• Windows Identity Foundation (WIF) Fast Track
• Windows Identity Foundation (WIF) Code Samples
• Windows Identity Foundation (WIF) SDK Help Overhaul
• Windows Identity Foundation (WIF) and Azure AppFabric Access Control (ACS) Service Survival Guide