Search Results for: rest

Token based Authentication for WCF HTTP/REST Services: Authorization

In the previous post I showed how token based authentication can be implemented for WCF HTTP based services. Authentication is the process of finding out who the user is – this includes anonymous users. Then it is up to the … Continue reading

Posted in IdentityModel, IdentityServer | 2 Comments

Token based Authentication for WCF HTTP/REST Services: The Client

If you wondered how a client would have to look like to work with the authentication framework, it is pretty straightfoward: Request a token Put that token on the authorization header (along with a registered scheme) and make the service … Continue reading

Posted in IdentityModel, IdentityServer | Leave a comment

Token based Authentication for WCF HTTP/REST Services: Authentication

This post shows some of the implementation techniques for adding token and claims based security to HTTP/REST services written with WCF. For the theoretical background, see my previous post. Disclaimer The framework I am using/building here is not the only … Continue reading

Posted in IdentityModel, IdentityServer | Leave a comment

Token based Authentication and Claims for Restful Services

WIF as it exists today is optimized for web applications (passive/WS-Federation) and SOAP based services (active/WS-Trust). While there is limited support for WCF WebServiceHost based services (for standard credential types like Windows and Basic), there is no ready to use … Continue reading

Posted in IdentityModel, IdentityServer | Leave a comment

Access Control Service: Walkthrough Videos of Web Application, SOAP, REST and Silverlight Integration

Over the weekend I worked a little more on my ACS2 sample. Instead of writing it all down, I decided to quickly record four short videos that cover the relevant features and code. Have fun ;) Part 1 – Overview … Continue reading

Posted in IdentityModel | Leave a comment

IIS & RESTful Services #FAIL

really? when will super duper IIS finally support non-Windows accounts for HTTP authentication? http://blogs.msdn.com/b/astoriateam/archive/2010/07/21/odata-and-authentication-part-6-custom-basic-authentication.aspx see here for a complete module including IIS management integration: http://custombasicauth.codeplex.com

Posted in WCF | 2 Comments

Thinktecture.IdentityModel: WIF Support for WCF REST Services and OData

The latest drop of Thinktecture.IdentityModel includes plumbing and support for WIF, claims and tokens for WCF REST services and Data Services (aka OData). Cibrax has an alternative implementation that uses the WCF Rest Starter Kit. His recent post reminded me … Continue reading

Posted in IdentityModel | 2 Comments

Integrating Simple Web Tokens (SWT) with WCF REST Services using WIF

The Simple Web Token (SWT) is a new & simple token format that was created by Microsoft, Google and others. See here for specs. The Azure platform App Fabric Access Control service e.g. uses this token type. Why yet another … Continue reading

Posted in IdentityModel | 2 Comments

Restful Token Service Endpoints and Silverlight Clients

It turns out that there is no way in Silverlight to send credentials using the standard HTTP Authorize header (see here). WTF?!. You have to use a custom HTTP header to transmit credentials in this case, e.g. X-Authorize (nice?). I … Continue reading

Posted in IdentityModel | Leave a comment

Adding a REST Endpoint to a WIF Token Service

Sometimes it is useful to have a really simple way to acquire a token from a token service – without having to fiddle around with WS-Federation or WS-Trust. Issuing a simple GET request against a token issuance endpoint seems to … Continue reading

Posted in IdentityModel | Leave a comment