0

On the surface, I think I need many features of WIF

  • The ability to use roles to distinguish between sessions
  • No session state on the server
  • All authentication and role data to reside in a HTTP only cookie
  • ASP.NET MVC support

However for my application I want to use my own custom identity store and am not using Windows authentication.

This makes me believe I need to set up a custom IDP to use WIF and I'm starting to think that may be too much overhead/labor.

  1. Is there a technology similar to WIF+ and IDP that gives me the features I listed above?

  2. Lacking that, there a well defined pattern for me to implement a combined IDP + Website?

makerofthings7
  • 60,103
  • 53
  • 215
  • 448

2 Answers2

0

WIF is basically a wrapper for WS-Trust and WS-Federation protocols... which to be honest are a pain in the ass - especially if you want to create your own provider instead of using ADFS or something like that.

If you are using your own identity store... then stay well away from that imo... Use OAuth\OpenID... or the in-built membership provider in MVC if you are only authenticating users for a single site.

Felix
  • 1,205
  • 9
  • 17
0

If you need a custom IdP for one application only Forms authentication with membership provider will work just fine. If your custom IdP becomes an IdP for other applications and/or services than the need for externalizing such a functionality becomes apparent. WIF could be an option.

LeonK
  • 1