Home > ASP.NET, Azure > Azure Access Control Service Part 2 – Prerequisites for development

Azure Access Control Service Part 2 – Prerequisites for development

In order to start development for ACS, you will need the following

  1. Windows Identity Foundation Runtime
  2. Windows Identity Foundation SDK
  3. Visual Studio 2010

Once installed properly, you will notice a add STS reference option inside Visual Studio when you right click a web application or a website project.

To get the required link, login to your management service portal (https://%5Bnamespace%5D.accesscontrol.windows.net/v2/mgmt/service )

Click on Application integration under Development.

Copy the url for WS-Federation Metadata

Now to add STS to your application

  1. Right click the project and click on “Add STS”
  2. Click Next for the first screen
  3. If you are prompted for something about not secure, ignore and click ok
  4. Select “Use an existing STS”
  5. Paste the link you copied previously into the textbox
  6. Click Next until complete

 

Your website is now configured to use Azure ACS to perform authentication.

To test if its working correctly, add the following code inside your default.aspx.cs

        foreach(var claim in (User.Identity as Microsoft.IdentityModel.Claims.ClaimsIdentity).Claims)
        {
            Response.Write(claim.ClaimType + ” = ” + claim.Value + “<br />”);
        }

In case you wish to know the default claims returned by each provider

Facebook

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier:
http://schemas.microsoft.com/ws/2008/06/identity/claims/expiration:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name:
http://www.facebook.com/claims/AccessToken:
http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider:

Google

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name:
http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider:

LiveID

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier:
http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider:

If you have noticed, YES for some reason Windows Live only returns quite useless data unlike the other providers, not sure why this is so as this makes it extremely useless.

Yahoo

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name:
http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider:

Categories: ASP.NET, Azure
  1. May 29, 2011 at 8:39 pm

    Wonderful work

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: