Clarity, Technology, and Solving Problems | PracticeThis.com
WP7 App with Key Windows Azure resources – Slides, Videos, How-To’s, and T-shooting – for quick consumption on the go.
Content in this step adopted and adapted from Code Quick Launch: Create and deploy an ASP.NET application in Windows Azure.
To create and run an ASP.NET service for Windows Azure
Launch Microsoft Visual Studio 2010 with administrator privileges. To launch Visual Studio with administrator privileges, right-click Microsoft Visual Studio 2010 and then click Run as administrator.
On the File menu, click New, and then click Project.
Within the New Project dialog, navigate to Installed Templates, Visual C#, and click Cloud.
Click Windows Azure Project. If needed, modify the Location: field, which indicates where your solution will be stored. Click OK to close the New Project dialog.
Within the New Windows Azure Project dialog, navigate to Visual C#, click the ASP.NET Web Role, and then click the > symbol. This will add a web role to your Windows Azure solution. A web role provides an environment for running web sites or applications as supported by Internet Information Services (IIS) 7.0. Click OK to close the New Windows Azure Project dialog.
[Optional] At this point you could compile and run the application. However, you could also customize the text displayed in the web page by modifying Default.aspx. This won’t fundamentally change the application, but it will show you how similar this application is to a traditional (non-cloud) ASP.NET application. To modify Default.aspx, open Solution Explorer. If Solution Explorer is not visible, from the View menu click Solution Explorer. Within Solution Explorer, expand WebRole1 and double-click Default.aspx. Modify the Welcome to ASP.NET! text to become Welcome to ASP.NET in Windows Azure!. Save and close Default.aspx.
Compile and run the service by clicking Debug from the menu and then clicking Start Without Debugging.
Assuming no compile errors or client machine errors, at this point you should have the service successfully running in the local development environment.
Content in this step adopted and adapted from How To: Create My First Claims Aware ASP.NET application Integrated with ACS v2
If you have not created Windows Azure AppFabric project follow the steps below. If you already created Windows Azure AppFabric Project you can skip to creating a namespace which is next.
To create a Windows Azure AppFabric project
If you have not created Windows Azure AppFabric namespace follow the steps below. If you already created Windows Azure AppFabric namespace you can skip to launching Access Control management portal which is next.
To create namespace within your Windows Azure AppFabric project
To launch the ACS v2.0 Management Portal
On the Project page, once the service namespace you created in Step 2 is active, click Access Control.
You are redirected to the page that displays your project ID, allows you to delete the Service Namespace, or launch the ACS v2.0 Management Portal.
To launch the ACS v2.0 Management Portal, click Manage Access Control.
This section describes how to add identity providers to use with your relying party application for authentication. Identity Provider is a service that lets end users authenticate themselves to your application. For more information about identity providers, see Identity Providers.
To add identity provider
On the ACS v2.0 Management Portal, click Identity Providers.
On Identity Providers page, click Add Identity Provider, and then click Add button next to Google, doing so your users will be able to authenticate to your Web Application using their Google credentials. You can optionally choose other Identity Providers such as Live ID, Facebook, Yahoo!
The Add Google Identity Provider page prompts you to enter a login link text (the default is Google) and an image URL. This URL points to a file of an image that can be used as the login link for this identity provider (in this case, Google). Editing these fields is optional. For this demo, do not edit them, and click Save.
On Identity Providers page, click Return to Access Control Service to go back to the ACS v2.0 management portal main page.
This section describes how to setup a Relying Party Application. In ACS v2.0, a Relying Party Application is a projection of your web application into the system. It defines the URLs for your application, token format preference, token timeout, token signing options, and token encryption options. For more information about relying party applications, see Relying Party Applications
To setup a relying party application
On Add Relying Party Application page, do the following:
On Relying Party Applications page, click Return to Access Control Service to go back to the ACS v2.0 management portal main page.
This section describes how to define rules that drive how claims are passed from identity providers to your relying party application. For more information about rules and rule groups, see Rules and rule groups.
To create rules
You can find all the information and code necessary to modify your relying party application to work with ACS v2.0 on the Application Integration page. You will use this information when configuring your cloud web application for federated authentication.
To view the Application Integration page
This section describes how to integrate ACS v2.0 with the Windows Azure Web Role ASP.NET cloud application that you created in step 1. The essence of the step is configuring trust between the ASP.NET application (Relying Party) and ACS v2.0.
To configure trust between the ASP.NET Relying Party Application and ACS v2.0
In Federation Utility wizard, do the following:
On Security Token Service page, select Use Existing STS, enter the WS-Federation Metadata URL published by ACS v2, and then click Next. This is the URL you copied last in the previous step, it should look similar to the following:"
Once you successfully finish running the Federation Utility wizard, it adds a reference to the Microsoft.IdentityModel.dll assembly and writes values to your Web.config file that configures the Windows Identity Foundation in your ASP.NET MVC 2 Web Application (TestApp).
<deny users="?" />
<!--set this value-->
<!--set this value-->
<deny users="?" />
This post is a continuation of How To: Configure Windows Azure Web Role ASP.NET Web application for Federation with Access Control Service (ACS) v2
Consider the following canonical scenario for distributed applications deployed to Windows Azure:
Here are couple of scenarios that could resonate with you depending how you run your business.