Clik here to view.
Federation Gateway and Home Realm Discovery in Thinktecture.IdentityServer v2
I just uploaded a “feature-refresh” of the IdSrv Beta to github. This includes amongst some bug fixes the ability to use IdSrv as a federation gateway/home realm discovery page. This gives you the...
View ArticleClik here to view.
Mixing MVC + Forms Authentication and Web API + Basic Authentication
Got several emails recently with questions on how to enable the following scenario: ASP.NET application (e.g. MVC) using Forms Authentication and Web APIs using Basic Authentication to authenticate...
View ArticleClik here to view.
Extensions to the Web API/MVC + Forms/Basic Auth Sample: Claims...
I got two questions on the sample from yesterday. AJAX Clients”Will AJAX clients be able to use the Forms Authentication cookie against Web API?” Yes, indeed. In that case add the following flag to the...
View ArticleClik here to view.
Using Claims-based Authorization in MVC and Web API
.NET 4.5 ships with a claims-based authorization infrastructure around the ClaimsAuthorizationManager class. I have written about that before, and I am still a fan of that approach (not necessary of...
View ArticleClik here to view.
Update on Thinktecture IdentityServer v2 Beta (Refresh 2)
Just wanted to give you a quick update what’s happening with IdentityServer. Brock and I were working really hard to get some new features in, e.g. Mobile support for the login and home realm discovery...
View ArticleClik here to view.
OAuth2 in Thinktecture IdentityServer v2: Resource Owner Password Flow
IdentityServer v2 supports the OAuth2 “Resource Owner Password Credential Flow” (see the spec for more details). This flow is for so called “trusted applications”, meaning the user gives his...
View ArticleClik here to view.
Thinktecture IdentityServer v2: Federation with Web Identities
Brock has a nice post describing the OAuth2 work we did in IdentityServer v2. Check it out! http://brockallen.com/2012/11/04/oauth2-in-thinktecture-identityserver-oauth2-identity-providers/ Filed...
View ArticleClik here to view.
Thinktecture IdentityServer v2: Using the OAuth2 Implicit Flow with JavaScript
Nice blog post from Christian! http://weblogs.thinktecture.com/cweyer/2012/11/oauth2-in-thinktecture-identityserver-v2-implicit-grant-flow-with-javascript.html Filed under: IdentityModel,...
View ArticleClik here to view.
Thinktecture IdentityServer Wiki
I started adding content to the wiki on github. If you like to contribute, let me know! https://github.com/thinktecture/Thinktecture.IdentityServer.v2/wiki Filed under: ASP.NET, IdentityModel,...
View ArticleClik here to view.
OAuth2 in Thinktecture IdentityServer v2: Using the Implicit Flow with...
WinRT has built-in support for the “browser control/redirect” sign-in mechanism that is used in OAuth2 implicit flow. The API for that is called the WebAuthenticationBroker and using it has some...
View ArticleClik here to view.
Identity & Access Control in ASP.NET 4.5
My 2nd course for PluralSight is now online! Identity & Access Control in ASP.NET 4.5 Have fun! Filed under: .NET Security, ASP.NET, Conferences & Training, IdentityModel, IdentityServer
View ArticleClik here to view.
A Day of Identity and Access Control at DevWeek 2013
http://www.devweek.com/ In addition to the break out sessions – Brock and I will do a full day workshop on identity & access control – see you there! Filed under: Conferences & Training,...
View ArticleClik here to view.
WCF and Identity in .NET 4.5: External Authentication with WS-Trust
overview scenarios accessing claims windows authentication username authentication client certificate authentication A typical configuration for a WCF service that uses a WS-Trust security token...
View ArticleClik here to view.
Switching to ReferenceMode in ASP.NET 4.5
As a follow up to this post – things have changed a little bit in .NET 4.5. SessionMode is now called ReferenceMode (which is less confusing), and mechanics are slightly different now. When creating...
View ArticleClik here to view.
Progress on Thinktecture IdentityServer v2 (hopefully the last update ;)
We’ve been extremely busy with our days jobs in the last weeks – end of year madness. That means we did not have much time to work on IdSrv – but – all the reported bugs seem to be fixed and I will add...
View ArticleClik here to view.
Identity & Access Control in .NET, ASP.NET and WCF 4.5
I just hit my first big milestone in the security curriculum for Pluralsight. All three base identity & access control courses are done and online now. They cover what used to be called WIF and is...
View ArticleClik here to view.
Azure Authentication Library
Azure Authentication Library (AAL) is slowly turning into a really useful “easy to use” library to write client code against Microsoft identity back-ends like Windows Azure Active Directory and Access...
View ArticleClik here to view.
Questions/Feedback/Comments about Thinktecture IdentityModel and Server
For any questions, please use the issue track on github for IdentityModel and IdentityServer (and please not the comments on my blog). If you absolutely want to use StackOverflow, I am now monitoring...
View ArticleClik here to view.
Compatibility between Thinktecture.IdentityModel JWT and Microsoft JWT
I just did a quick test – the JWT token handler in Thinktecture.IdentityModel can consume and validate JWTs coming from Access Control Service. Thought I let you know ;) Nice. Filed under: Azure,...
View ArticleClik here to view.
More Compatibility between Thinktecture.IdentityModel JWT and Microsoft JWT
Reader centralbin comments: “In fact the reverse is also true : You can configure TT-STS as an IP-STS in ACS. The JWT tokens issued by TT-STS can also be consumed in ACS. The only “gotcha” is that you...
View Article