Vibro.NET ----> moved to www.cloudidentity.com!!! - All Comments

re: Using the BootstrapContext property in .NET 4.5

iConcepts — Thu, 21 Feb 2013 04:20:17 GMT

Thanks Danila, yes i'm still seeing what I think is a bug with the SecurityToken becoming a null.

using that possible solution doesn't seam to work with JSON Web Tokens (JWT) because while the following code line creates a JWTSecurityToken from the bootstrapContext.Token

JWTSecurityToken jwt = handlers.ReadToken(new XmlTextReader(new StringReader(bootstrapContext.Token))) as JWTSecurityToken;

The token appears to be missing its signature and throws the following error if you try to validate it.

JWT10312: Unable to validate signature, JWT does not have a signature:

any ideas on how to get around this or is there a way to get the signature and concatenate it or does this compromise the users security?

any help appreciated!

re: Microsoft ASP.NET Tools for Windows Azure Active Directory – Visual Studio 2012

Mario Saccoia - MSP — Tue, 19 Feb 2013 14:04:57 GMT

Very great feature!!!

re: Using the BootstrapContext property in .NET 4.5

Danila Polevshikov — Mon, 18 Feb 2013 10:00:37 GMT

Confirm bug with a SecurityToken becoming a null.

Possible solution (thanks to a stackoverflow.com/.../wif-4-5-bootstrapcontext-security-token-null)

if (context.SecurityToken != null)

{

token = context.SecurityToken;

}

else if (!String.IsNullOrEmpty(context.Token))

{

var handlers = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.SecurityTokenHandlers;

token = handlers.ReadToken(new XmlTextReader(new StringReader(context.Token)));

}

re: Windows Identity Foundation Tools for Visual Studio 2012 RTM

Andrew Lavers — Mon, 11 Feb 2013 23:21:34 GMT

Hey Vittorio,

I just finished a small hackathon project at work. We have a customer facing site built on django. I implemented and demoed a feature that lets users link their existing accounts to consumer identity providers.

I used ACS to do this of course :) I also went ahead and tried out the latest Identity and Access tools for VS, pleasently impressed with how awesome they are. Fantastic work!

re: Using the BootstrapContext property in .NET 4.5

iConcepts — Fri, 01 Feb 2013 05:52:03 GMT

Hi Paul, Vittorio,

did you have any love with the BootstrapContext.SecurityToken disappearing - i'm seeing the same behaviour..

it works for the first one or two calls to the back end from the front end but then the security token shows as null.

when I try to recreate the security token (i'm not sure if im doing it right for JWT):

var handlers = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.SecurityTokenHandlers;

JWTSecurityToken jwt = handlers.ReadToken(new XmlTextReader(new StringReader(bootstrapContext.Token))) as JWTSecurityToken;

(as you mentioned) it seams to have the session information but not the token from the idp so subsequent calls using "poorman's" delegation fails.

any thoughts?

re: Single Sign On with Windows Azure Active Directory: a Deep Dive

michiel van buuren — Fri, 25 Jan 2013 20:00:57 GMT

Great in depth explanation. Now the WAAD is GA the url for retriving the federationmetadata has changed to accounts.accesscontrol.windows.net/.../FederationMetadata.xml.

Michiel

re: Group & Role Claims: Use the Graph API to Get Back IsInRole() and [Authorize] in Windows Azure AD Apps

Christian Metz — Wed, 23 Jan 2013 15:26:29 GMT

Thanks a lot! This closes the gap between what was currently out there in your documentation. Next step for me would be, to get to know how to authorize a second Azure AD within my application.

re: Group & Role Claims: Use the Graph API to Get Back IsInRole() and [Authorize] in Windows Azure AD Apps

Wouter — Wed, 23 Jan 2013 06:14:04 GMT

This is exactly what I was looking for. I couldn't understand how to retrieve the symmetric key for accessing the graph after using the mvc tool.

Very nice.

re: Provisioning a Windows Azure Active Directory Tenant as an Identity Provider in an ACS Namespace

robertobmsn — Fri, 28 Dec 2012 21:17:31 GMT

What should I make of the puid claim issued by o365 and azure active directory tenants that I've enabled as identity providers in my acs namespace federation provider setups? Is it a unique value that will stay the same regardless of name changes similar to old passport [ -> liveId - > microsoft account ] puids?

re: Windows Identity Foundation in the .NET Framework 4.5 Beta: Tools, Samples, Claims Everywhere

Altenstedt — Wed, 12 Dec 2012 13:19:03 GMT

Any news on the missing Silverlight OOB sample as commented by Remco Blok?