Windows Azure AppFabric Access Control Service v2 provides a number of endpoints which wrap up many authentication, authorization and federation scenarios into a single platform. Stepping through all samples and reading of all specifications is pretty wired task. For this reason I tried to recap most used endpoints across multiple samples and list them all in this post.
ACSv2 Management Endpoint
Use this endpoint to add service reference to application which will perform management operations.
After the proxy has been created you can do this like:
RelyingParty relyingParty = svc.GetRelayingPartyByName(“MyRelayingParty”);
svc.CreateRelyingPartyKey(relyingParty, signingCertificate, "password", RelyingPartyKeyType.X509Certificate, RelyingPartyKeyUsage.Signing, true);
svc.CreateRelyingPartyKey(relyingParty, cerForEncryption, null, RelyingPartyKeyType.X509Certificate, RelyingPartyKeyUsage.Encrypting, true);
RuleGroup ruleGroup = svc.CreateRuleGroup(ruleGroupName);
Sample: All SDK samples provide a project named “ConfigureSample”.
Username Password Endpoint
Useful in Web Service scenarios, when the consumer needs to authenticate to service by using of SAML token issued by Access Control Service.
Sample: ACS Sample named “Acs2UsernameBindingSample”
Used for example in federation scenarios to obtain WRAP token issued by LiveID, Google Open ID etc. The federated token is then sent to some Relaying party (i.e. Web Service).
Sample: ACS Sample named “Acs2WindowsPhoneSample” and “ASPNetSimpleService”
By using of this endpoint you can protect your Web Application by using of OAuth.
Sample: ACS sample named: “OAuth2CertificateSample”
All samples can be downloaded at CodePlex.
May 22 2011, 12:56 PM