Category Archives: IdentityModel

The Simple Web Token (SWT) is a new & simple token format that was created by Microsoft, Google and others. See here for specs. The Azure platform App Fabric Access Control service e.g. uses this token type. Why yet another … Continue reading →

A reader has asked me to update the Client SAML sample to WIF RTM (for background and motivation please read here first). The main work was in the SAML security token handler Validate method, this looks now like this: public … Continue reading →

OK – I finally was able to carve out some time…This is the first feature complete release of the StarterSTS! New features include: client certificate support for WS-Fed and WS-Trust endpoints new relying party configuration allows specifying an explicit reply … Continue reading →

Get it here!!! http://msdn.microsoft.com/en-us/library/ff359115.aspx

Most samples I know of – as well as FedUtil generated configuration set a preCondition=”managedHandler” for the WIF HTTP modules. This means that the modules (and thus the protection of the requested resource) only kicks in for “managed” content like … Continue reading →

Some of the WIF configuration elements support extensibility. This means that you can attach arbitrary XML child elements to the configuration elements. When this is the case, the WIF configuration system creates the piece of plumbing in question using a … Continue reading →

The workhorse of WIF are security token handler. Again token handler can be use independently of the WIF configuration system – or together. The “stand-alone” use caseYou can simply new up a token handler (e.g. the SAML 1.1 handler) in … Continue reading →

We had the pleasure to have a chat with Richard and Carl about what’s nearest and dearest to my heart – WIF ;) Enjoy… http://www.dotnetrocks.com/default.aspx?showNum=503

This version is compiled against WIF RTM. Some stuff is still experimental. But feel free to play around ;)