Category Archives: ASP.NET

WIF Configuration – Part 1: ServiceConfiguration

WIF supports a flexible configuration system and various ways to programmatically interact with that configuration. This flexibility comes in two ways: named configuration elements that you can selectively load (service & token handler configuration), and configuration extensibility (e.g. for token handlers, … Continue reading

Posted in ASP.NET, IdentityModel, WCF

Claims Authorization in WIF Beta 2 – ASP.NET and WCF Integration

In the previous post I illustrated how the basic claims authorization infrastructure in WIF (formerly Geneva) works. In this post I want to focus more on how claims authorization behaves when integrated in WCF and ASP.NET. ASP.NET: In addition to using … Continue reading

Posted in ASP.NET, IdentityModel, WCF

Defeating SSL

Not a really new paper – but definitely recommended reading. Some lessons learned: Moxie is not really attacking SSL – but uses HTTP to bypass HTTPS. Switch to SSL as early as possible – but that might be too late … Continue reading

Posted in ASP.NET, IdentityModel, WCF

A closer look at Sandboxing in (ASP.NET) V4

In the last two posts I described how ASP.NET uses the homogeneous AppDomain model to implement partially trusted apps. In ASP.NET you use the combination of a trust level (aka grant set) and a list of full trust assemblies to … Continue reading

Posted in ASP.NET

Partial Trust ASP.NET in 4.0 (Advanced Scenarios)

In the last post I showed you how to use the new CLR security model to do sandboxing in ASP.NET. One new hook into this system is a custom host security policy resolver. A policy resolver is a class that … Continue reading

Posted in ASP.NET

Partial Trust ASP.NET in 4.0

In .NET v4 there are substantial changes to the CLR security model. Read about all the details here. With Beta 1 in hand I gave the new model a try in what is probably the most popular host for partial trust – … Continue reading

Posted in ASP.NET

Updated Starter STS

I just uploaded a minor update to the Starter STS sample to CodePlex. This release adds more options for realm checking (see the allowKnownRealmsOnly config switch) as well as Information Card issuance. As always – feedback is welcome! http://startersts.codeplex.com

Posted in ASP.NET, IdentityModel, WCF

Use Geneva Session Management for your own needs

Geneva Framework is a Framework is a Framework. One part of that framework is the SessionAuthenticationModule for ASP.NET. In all the typical samples this is used to convert an incoming SAML token to a cookie to establish an authentication session. … Continue reading

Posted in ASP.NET, IdentityModel

Thinktecture WS-Federation Metadata Generator

Mr. Metadata strikes back! This time with a generator/wizard for WS-Federation Metadata language. This makes it very easy to create documents that can be consumed by Geneva Server or FedUtil. More info here.

Posted in ASP.NET, IdentityModel, WCF

Geneva Beta 2 Update: ClaimsPrincipalHttpModule

I am currently in the process of updating my Geneva code to Beta 2. There are some pretty substantial changes/additions in the new Beta – so I thought I’d detail some of them while moving along. Today: ClaimsPrincipalHttpModule. For a … Continue reading

Posted in ASP.NET, IdentityModel