Back to Windows Azure Active Directory Solutions For Developers

Table of Contents


Scenario

In this scenario you are developing ASP.NET Web Forms web application and you need to implement authentication using either Internet identities such as Live ID, Google, Facebook, Yahoo!, or OpenID 2.0 or enterprise identities managed by corporate Active Directory.

  • Web Application is developed using ASP.NET Web Forms.
  • Internet identities such as Live ID, Facebook, Google, Yahoo!, OpenID 2.0
  • Enterprise identities managed by corporate Active Directory (AD)

Solution Approach

Windows Azure AppFabrice Access Control Service (ACS) is used to solve this scenario.  


  • ACS provides federation with Internet identities such as Live ID, Google, Facebook, Yahoo!, OpenID 2.0
  • ACS provides federation with enterprise Active Directory (AD) via AD FS 2.0
  • WIF is used to parse and validate the incoming tokens at the application.

Analysis

In this solution end user tries to access the web application and the request being denied since WIF identifies there is no token in it. WIF redirects to the configrued ACS namespace. ACS redirects the end user to the configured identity provider (IdP) where he submits his credentials. Upon successful authentication IdP issues a token and the end user seamlessly redirected to ACS where IdP's token is transformed into ACS token which is sent back to the end user. Then it is redirected back to the web application where the ACS' token validated by WIF. All that occurs seemlessly to the end user. For more details read Web Applications and ACS

How To's

Code Samples

Resources