Category Archives: Azure

Weird 302 Redirects in Windows Azure

In IdentityServer I don’t use Forms Authentication but the session facility from WIF. That also means that I implemented my own redirect logic to a login page when needed. To achieve that I turned off the built-in authentication (authenticationMode=”none”) and … Continue reading

Posted in Azure, IdentityServer | Leave a comment

Access Control Service: Home Realm Discovery (HRD) Gotcha

I really like ACS2. One feature that is very useful is home realm discovery. ACS provides a Nascar style list as well as discovery based on email addresses. You can take control of the home realm selection process yourself by … Continue reading

Posted in Azure, IdentityModel | Leave a comment

StarterSTS 1.5

I have the 1.5 version of StarterSTS sitting here for quite some time now. But I was always reluctant to release it. Some of the reasons are: too many new features for a single (small) version change. to many features … Continue reading

Posted in Azure, IdentityModel, IdentityServer | Leave a comment

Logging Output of Azure Startup Tasks to the Event Log

This can come in handy when troubleshooting: using System; using System.Diagnostics; using System.Text;   namespace Thinktecture.Azure {     class Program     {         static EventLog _eventLog = new EventLog(“Application”, “.”, “StartupTaskShell”);         static StringBuilder _out = new StringBuilder(64);         static StringBuilder _err = new StringBuilder(64);           … Continue reading

Posted in Azure | Leave a comment

Adding a Certificate to the Root Certificate Store from the Command Line (e.g. as an Azure Startup Task)

The title says it all ;) certutil -addstore root LeastPrivilegeCA.cer

Posted in Azure | 2 Comments

Windows Azure Root CAs and SSL Client Certificates

I ran into some problems while trying to make SSL client certificates work for StarterSTS 1.5. In theory you have to do two things (via startup tasks): Unlock the SSL section in IIS Install all the root certificates for the … Continue reading

Posted in Azure | 5 Comments

Windows Azure Diagnostics: Next to Useless?

To quote my good friend Christian: “Tracing is probably one of the most discussed topics in the Windows Azure world. Not because it is freaking cool – but because it can be very tedious and partly massively counter-intuitive.” <rant> The … Continue reading

Posted in Azure | Leave a comment

Unlocking the SSL Section in Windows Azure Web Roles

Posting the favourite command line snippet seems to be the newest hobby for Azure developers ;) Here’s one that is useful to unlock the SSL section (e.g. for client certificates): %windir%System32inetsrvappcmd.exe unlock config /section:system.webServer/security/access

Posted in Azure | Leave a comment

Handling Configuration Changes in Windows Azure Applications

While finalizing StarterSTS 1.5, I had a closer look at lifetime and configuration management in Windows Azure. (this is no new information – just some bits and pieces compiled at one single place – plus a bit of reality check) … Continue reading

Posted in Azure | Leave a comment