Questions tagged [geneva-framework]

WIF is the new name for the Geneva framework

The Geneva framework was the Microsoft code name for what has been released as .

29 questions
19
votes
2 answers

Azure/web-farm ready SecurityTokenCache

Our site uses ADFS for auth. To reduce the cookie payload on every request we're turning IsSessionMode on (see Your fedauth cookies on a diet). The last thing we need to do to get this working in our load balanced environment is to implement a farm…
Jeremy Danyow
  • 26,470
  • 12
  • 87
  • 133
6
votes
5 answers

ADFS v2.0 Error : MSIS7042: The same client browser session has made '6' requests in the last '1' seconds

Folks, I've got an ASP.NET MVC application that I am attempting to secure using the Release Candidate version of ADFS v2.0 (Geneva). I have configured the application as a relying party trust, and I've used Fedutil.exe to modify the application's…
Kevin Hoffman
  • 5,154
  • 4
  • 31
  • 33
6
votes
2 answers

Implementing claims-based security (WCF/ASP.NET)

After researching on the topic of claims-Based security (or a federated security model). I've been coming across many examples that use CardSpace as an example. The main article that I read that gave a really great explanation of the subject was a…
5
votes
2 answers

Creating a local Token cache using the Geneva Framework

Haven't seen many Geneva related questions yet, I have posted this question in the Geneva Forum as well... I'm working on a scenario where we have a win forms app with a wide installbase, which will be issuing frequent calls to various services…
Yossi Dahan
  • 5,389
  • 2
  • 28
  • 50
4
votes
4 answers

Windows Identity Foundation - Third Party Secure Token Server

I'm trying to get my head around all the claims based windows identity foundation magic. Assuming I don't want to use ADFS, one thing that isn't clear to me is whether its best to roll your own STS using WIF to do some of the hard work or to rely on…
AJM
  • 32,054
  • 48
  • 155
  • 243
3
votes
1 answer

Geneva-based STS, Java interop

I'd like to test whether my Geneva-based fedearated security services can be consumed with NetBeans/WSIT. Is there something like step-by-step guide? Server side uses 'message credentials over HTTPS' security mode while all the examples I've seen…
Dmitry Ornatsky
  • 2,237
  • 2
  • 18
  • 25
3
votes
2 answers

Trends in Externalizing Identity from Applications

Stackoverlow decided to use OpenID probably due to its simplicity while others believe that Information Cards (e.g. cardspace) is a better strategy in that it is backed by major industry vendors and is known to be more secure. Are there libraries…
McGovernTheory
  • 6,556
  • 4
  • 41
  • 75
3
votes
2 answers

Simple Claims Transformation for an RP-STS in Geneva Framework

After reading the MSDN article (http://msdn.microsoft.com/en-us/magazine/2009.01.genevests.aspx) on implementing a Custom STS using the Microsoft Geneva Framework I am a bit puzzled about one of the scenarios covered there. This scenario is shown in…
3
votes
1 answer

RequestSecurityToken from STS and post it to my website

My web site implements AD FS based authentication. Now I need to programmatically access my web site through a client. My client should request the security token from the ADFS server using the currently logged on user's context. I have been…
Charles Prakash Dasari
  • 4,964
  • 1
  • 27
  • 46
2
votes
3 answers

Is Azure Access Control and WIF suitable when some of the relying parties might not be .Net based

We currently have a few .Net applications on different domains with separate membership on each. We are moving to a federated login with single sign-on (and hopefully single sign-off) and a centralised membership hosted on Azure. The natural choice…
Max
  • 1,543
  • 2
  • 16
  • 31
2
votes
1 answer

Moving from ADFS to the Geneva Framework

My company is in need of a federated identity solution, and being a Microsoft shop, we're looking to use MS technologies to accomplish this goal. We don't have Server 2008 or .NET 3.5 in production, so we're limited to a .NET 2.0/Server 2003-based…
2
votes
1 answer

Help required with SAML 2.0 and ADFS 2.0 !

While trying to learn the ADFS 2.0 environment, I created an empty ASP.NET Claims aware application to be the RP using Visual Studio 2010. using ADFS 2.0 I did the following: Created a SAML 2.0 relying party using the 'Add Relying Party Trust...'…
Joshua
  • 1,974
  • 2
  • 23
  • 39
1
vote
2 answers

Alternative to Geneva Framework

Are there any alternatives to Microsoft Geneva Framework (preferably open source). We have planed to use it in production environment, but it looks like that Microsoft has license that doesn't allow that while the Geneva Framework is in beta.
Aleksandar Vucetic
  • 14,715
  • 9
  • 53
  • 56
1
vote
2 answers

asp.net mvc security

How can I disallow anonymous access to my ASP.NET mvc controllers? Specifically, I want to require authenticated access to all controllers but allow anonymous access to resource type files such as .css and .js files. Don't plan on using…
scott_m
1
vote
1 answer

Configure Active Relying Party STS to Trust Multiple Identity Provider STSes

I am struggling with the configuration for the scenario below. I have a custom WCF/WIF STS (RP-STS) that provides security tokens to my WCF services RP-STS is an "Active" STS RP-STS acts as a claims transformation STS RP-STS trusts tokens from…
CodeChef
  • 906
  • 1
  • 7
  • 21
1
2