 

Answered: Live Id authenticate with access control without the help of Geneva Framework

  • Wednesday, July 1, 2009 4:02 vinayrajaram
     
    I want to authenticate the Live Id using access control from a client-side console-based application in Azure without the help of the Geneva Framework.

    Is it possible to authenticate?
    Are there any examples that would be helpful?

    Another query: we are using
    1. Microsoft .NET Services SDK March 2009
    2. Microsoft .NET Framework 3.5 SP1
    3. Windows Azure SDK

    For installing the Geneva Framework, should we uninstall Microsoft .NET Framework 3.5 SP1?

    If we install the Geneva Framework, will it support running the other demos that were running with Microsoft .NET Framework 3.5 SP1?


    • Edited by vinayrajaram Wednesday, July 1, 2009 4:58 (modifications)

Answers

  • Wednesday, July 1, 2009 9:38 Stephane GUNET (marked as answer)
    The Geneva Framework runs with .NET 3.5 SP1 without any problems, I even think it needs .NET 3.5 SP1. The Geneva Framework just adds a few dlls to provide all the necessary tools to handle claim-based security and the WS-Federation protocols. It makes life incredibly easier to develop a claims-aware application, or to develop an STS.

    For your initial question, I do not understand how you can have a console client application hosted in Azure... Also, it seems it is not possible to use LiveID authentication through Access Control in a console (or client application). Search threads about Live ID authentication in active mode for more information. You might be able to use Live APIs for authentication without using Access Control Service, and use ACS for authorization with self-issued tokens once your user is authenticated (using the Geneva Framework).
  • Wednesday, July 1, 2009 9:59 Yi-Lun Luo, MSFT, Moderator (marked as answer)
    Hello, if the only reason you don't want to use Geneva Framework is you're concerned it will break .NET 3.5 SP1, please don't worry. Geneva Framework does not conflict with .NET 3.5 SP1. When installed, it just adds some assemblies to your GAC. If a computer does not have Geneva Framework installed, your application that is written with Geneva Framework will continue to work, as long as you ship the assemblies with your application, and the target machine has .NET 3.5 or above (including SP1) installed.

    That being said, without the help of Geneva Framework, it will be very difficult to work with Live ID and ACS. You'll have to:

    1. Send a WS-Trust request to https://login.live.com/liveidSTS.srf. The address may change in the future. You can get the latest address from the TargetServiceEndpoint tag from the metadata located at https://nexus.passport.com/federationmetadata/2006-12/federationmetadata.xml. For more information about the format of the request body, please refer to the "Smart Client Sign-in" part of the Microsoft Federation Gateway document located at http://msdn.microsoft.com/en-us/library/cc287610.aspx.

    2. Get the response from Live ID, extract the SAML token.

    3. Send a WS-Federation request to ACS. This can be a lot of work. You will have to refer to the WS-Federation Spec located at http://docs.oasis-open.org/wsfed/federation/v1.2/cd/ws-federation-1.2-spec-cd-02.html.

    Geneva Framework handles all the dirty work for you. So I would suggest that you use Geneva Framework if possible.
    Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.
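
Step 2 of the list above (extracting the SAML token from the Live ID response), as an added Python example that is not part of the original thread and not Microsoft code: it pulls the assertion out of a WS-Trust response and checks its validity window before the token is forwarded to ACS. Both sample messages are constructed, and the WS-Trust 2005/02 and SAML 1.1 namespaces used in them are assumptions; elements are matched by local name so another WS-Trust version parses the same way.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Constructed samples (not captured Live ID traffic). Assumes a WS-Trust
# RequestSecurityTokenResponse that carries a SAML 1.1 assertion.
SAMPLE_RSTR = """<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"><s:Body>
<wst:RequestSecurityTokenResponse xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">
<wst:RequestedSecurityToken>
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="_constructed"
    Issuer="issuer.example" IssueInstant="2009-07-01T09:00:00Z">
<saml:Conditions NotBefore="2009-07-01T09:00:00Z" NotOnOrAfter="2009-07-01T17:00:00Z"/>
</saml:Assertion></wst:RequestedSecurityToken>
</wst:RequestSecurityTokenResponse></s:Body></s:Envelope>"""
SAMPLE_FAULT = """<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"><s:Body>
<s:Fault><s:Reason><s:Text xml:lang="en">constructed failure</s:Text></s:Reason></s:Fault>
</s:Body></s:Envelope>"""

def _local(el):
    """Tag name without its namespace, so the WS-Trust version does not matter."""
    return el.tag.rsplit("}", 1)[-1]

def _all(root, name):
    return [el for el in root.iter() if _local(el) == name]

def extract_assertion(rstr_xml):
    """Return the single SAML Assertion element of a token response, or raise ValueError."""
    if "<!DOCTYPE" in rstr_xml:  # SOAP messages must not carry a DTD
        raise ValueError("DTD in SOAP message")
    root = ET.fromstring(rstr_xml)
    if _all(root, "Fault"):
        raise ValueError("STS returned a SOAP fault")
    tokens = _all(root, "RequestedSecurityToken")
    if len(tokens) != 1:
        raise ValueError("expected exactly one RequestedSecurityToken")
    assertions = [c for c in tokens[0] if _local(c) == "Assertion"]
    if len(assertions) != 1:
        raise ValueError("expected exactly one SAML Assertion")
    return assertions[0]

def _ts(value):
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def is_current(assertion, now):
    """True when 'now' (timezone-aware) lies inside the Conditions validity window."""
    cond = [c for c in assertion if _local(c) == "Conditions"]
    if len(cond) != 1:
        return False
    nb, na = cond[0].get("NotBefore"), cond[0].get("NotOnOrAfter")
    return bool(nb and na) and _ts(nb) <= now < _ts(na)
```

When the token is forwarded to ACS, send the bytes as received: re-serialising the parsed element can change namespace prefixes and invalidate the token's signature.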

All replies

  • Tuesday, June 30, 2009 10:17 vinayrajaram
     
    Access Control Settings

    CalcComplex http://docs.oasis-open.org/wsfed/authorization/200706/claims/CalcComplex
    CalcSimple http://docs.oasis-open.org/wsfed/authorization/200706/claims/CalcSimple


    input  claim type : WLID            value UserA@xxxx.com   Issuer live.com
    output claim type: CalcSimple   value Calculator.Add       Issuer solutionname.accesscontrol.windows.net

    input  claim type : WLID            value UserB@xxxx.com         Issuer live.com
    output claim type: CalcComplex   value Calculator.Multiply      Issuer solutionname.accesscontrol.windows.net


    We have done all the access control settings in the Azure development portal,
    but the code on the client side is using the Geneva Framework.

    I want to authenticate from the client side using an email address through access control without using the Geneva Framework.
    Please provide an example related to authenticating an email address through access control.
  • Wednesday, July 1, 2009 7:44 Phaneendra Kumar T
     
    As per my understanding you can make authentication through Passport or Live ID or through Geneva Server. Maybe if you want to authenticate, you may have to store it in a database and authenticate.

    Phaneendra