Currently, all of our web applications (and the WCF services they interact with) are run internally. Nothing is exposed to the web. We want to open up our web applications to the Internet and will need to secure access to the services.
We have several existing "RESTful" WCF services (using WebHTTPBinding). We want to secure these services using Windows Azure Access Control Service (ACS) and several possible Identity Providers (Google and one or more Active Directory Federation Services). I want to use JWT as the token format (I know it's in beta in Azure). I'm hoping someone could offer some advice or point me in the direction of good tutorials...everything I read is using ASP.NET WebAPI to create the service, and we don't want to use that.
We want to be able to support any client that can parse JSON. Currently, our web apps are just HTML/jquery.
Some guidance would be great. Thanks!
