Clik here to view.
Handling Configuration Changes in Windows Azure Applications
While finalizing StarterSTS 1.5, I had a closer look at lifetime and configuration management in Windows Azure. (this is no new information – just some bits and pieces compiled at one single place –...
View ArticleClik here to view.
Unlocking the SSL Section in Windows Azure Web Roles
Posting the favourite command line snippet seems to be the newest hobby for Azure developers Here’s one that is useful to unlock the SSL section (e.g. for client certificates):...
View ArticleClik here to view.
Windows Azure Diagnostics: Next to Useless?
To quote my good friend Christian: “Tracing is probably one of the most discussed topics in the Windows Azure world. Not because it is freaking cool – but because it can be very tedious and partly...
View ArticleClik here to view.
Windows Azure Root CAs and SSL Client Certificates
I ran into some problems while trying to make SSL client certificates work for StarterSTS 1.5. In theory you have to do two things (via startup tasks): Unlock the SSL section in IIS Install all the...
View ArticleClik here to view.
Adding a Certificate to the Root Certificate Store from the Command Line...
The title says it all certutil -addstore root LeastPrivilegeCA.cer Filed under: Azure
View ArticleClik here to view.
Logging Output of Azure Startup Tasks to the Event Log
This can come in handy when troubleshooting: using System; using System.Diagnostics; using System.Text; namespace Thinktecture.Azure { class Program { static EventLog _eventLog = new...
View ArticleClik here to view.
StarterSTS 1.5
I have the 1.5 version of StarterSTS sitting here for quite some time now. But I was always reluctant to release it. Some of the reasons are: too many new features for a single (small) version change....
View ArticleClik here to view.
Access Control Service: Home Realm Discovery (HRD) Gotcha
I really like ACS2. One feature that is very useful is home realm discovery. ACS provides a Nascar style list as well as discovery based on email addresses. You can take control of the home realm...
View ArticleClik here to view.
Weird 302 Redirects in Windows Azure
In IdentityServer I don’t use Forms Authentication but the session facility from WIF. That also means that I implemented my own redirect logic to a login page when needed. To achieve that I turned off...
View ArticleClik here to view.
Migrating a Local IdentityServer Membership Database to SQL Azure
This is a useful tool to accomplish this: http://sqlazuremw.codeplex.com Filed under: Azure, IdentityServer
View ArticleClik here to view.
Access Control Service: Protocol and Token Transition
ACS v2 supports a number of protocols (WS-Federation, WS-Trust, OpenId, OAuth 2 / WRAP) and a number of token types (SWT, SAML 1.1/2.0) – see Vittorio’s Infographic here. Some protocols are designed...
View ArticleClik here to view.
Access Control Service: Transitioning between Active and Passive Scenarios
As I mentioned in my last post, ACS features a number of ways to transition between protocol and token types. One not so widely known transition is between passive sign ins (browser) and active service...
View ArticleClik here to view.
Access Control Service: Programmatically Accessing Identity Provider...
In my last post I showed you that different redirect URLs trigger different response behaviors in ACS. Where did I actually get these URLs from? The answer is simple – I asked ACS ACS publishes a JSON...
View ArticleClik here to view.
Access Control Service: Passive/Active Transition Sample
Here you can find my updated ACS2 sample. In addition to the existing front ends (web [WS-Federation], console [SOAP & REST], Silverlight [REST]) and error handling, it now also includes a WPF...
View ArticleClik here to view.
My Sessions from NDC 2012
All videos from NDC are online now. This is great content, go check it out! Authentication & Authorization in .NET 4.5 – Claims & Tokens become the standard Model Securing ASP.NET Web APIs...
View ArticleClik here to view.
Taking Control over Azure Access Control Service HRD (without the Help from...
Vittorio wrote a post earlier today showing how to fetch the identity provider feed from ACS and use it to drive the sign-in handshake from within your application and UI. This is indeed a very useful...
View ArticleClik here to view.
WIF & .NET 4.5 Identity and Access Control Training
Just a quick update – I will run my public WIF class for the last time on the 14th/15th November in Oslo (the dates on the page are not correct anymore). After that there will be a brand new .NET …...
View ArticleClik here to view.
“Windows Azure, Identity & Access – and you” Talk from Cloudburst 2012
My talk from Cloudburst 2012 is available here: http://www.streamshed.com/microsoft/cloudburst.htm# This was a nice little conference. recommended. (make sure to also watch Christian’s ServiceBus talk,...
View ArticleClik here to view.
Azure Authentication Library
Azure Authentication Library (AAL) is slowly turning into a really useful “easy to use” library to write client code against Microsoft identity back-ends like Windows Azure Active Directory and Access...
View ArticleClik here to view.
Compatibility between Thinktecture.IdentityModel JWT and Microsoft JWT
I just did a quick test – the JWT token handler in Thinktecture.IdentityModel can consume and validate JWTs coming from Access Control Service. Thought I let you know ;) Nice. Filed under: Azure,...
View Article