I'm building an Azure-hosted WCF service that I'd like to secure with ACS using credentials stored in an SQL Server database. I've looked at a bunch of ADFS2 examples but have yet to figure out how to do this. I'm sure I'm missing something obvious here so any advice would be greatly appreciated. Thanks...
2 Answers
You should be able to create your own STS, like this:
http://dotnet.dzone.com/news/5-minutes-wif-make-your-aspnet
Just add in the code to look your user up.
This post discusses how to create the federation metadata required to add the STS to the Azure Access Control Service:
WIF manually generate federationmetadata.xml
In your original project, you should then be able to add the Access Control Service as the STS, and if everything is set up correctly, you'll see your new STS.

If you want to use ACS (not clear in your post why you need it though), you need to have your WCF service trust ACS and then configure ACS to trust an STS that can authenticate users against SQL. You cannot use ADFS for that as it currently only supports authentication with AD.
Your options are varied, but the simplest would be to create your own STS as Richard mentions, or use one that already does that like StarterSTS or the more modern Identity Server in CodePlex (both open source and contributed by Dominick Baier from Thinktecture).
The question though remains: why do you need ACS? The simplest solution would be to have your WCF service trust the (SQL backed) STS directly.
Here are some examples of when ACS would be useful:
- You need to trust eventually more than 1 Identity provider
- The claims your service expects are not supplied by the identity provider (you need transformation/augmentation of claims).
- You need token translation (e.g. SWT -> SAML)
