SAML 2.0 using Windows Identity Foundation? RRS feed

  • Question

  • Hi,
      this is our setup & requirement:

    * We have a main portal, developed on top of a 3rd party CMS, in ASP.Net 4.0
    * We would like this portal to act as Identity Provider for other internal & external portals. All parties are mutually trusted.

      We would like to use SAML 2.0 for all the authentication traffic between portals. Is my assumption correct?
    * The client portals (Relying parties) can use Windows Communication Foundation and send an authentication request to the Identity provider using SAML 2.0 protocol.
    * The Identity Provider internally uses the 3rd party CMS system for authentication & generates SAML 2.0 tokens, using WIF

    This is where I am stuck! WIF has support for SAML 2.0, but only as a Community Technology Preview (CTP). See: http://blogs.msdn.com/b/alikl/archive/2011/05/16/windows-identity-foundation-wif-extension-for-saml-2-0-protocol-community-technology-preview-ctp.aspx   
    As you can see, this CTP was released more than a year ago, and nowhere could I find any updates about the final release, nor any info from Microsoft on whether they intend to continue supporting SAML 2.0.

    what is recommended way to go forward? Use SAML 1.1? or use WIF latest CTP? Any other alternative?

    Thursday, June 28, 2012 12:36 PM