1
votes

I have a set of applications which access the same database to authenticate the user. The idea is to have a portal where a user can log in once and then be able to access applications he has access to (SSO). The user can either log in with username/password or with his domain account.

I'm new to WIF, and I'm trying to see whether it's a good idea to implement this with WIF. I'm using MVC 4 and Visual Studio 2012 and I've downloaded the Access & Identity tool from the Extension Gallery. But it seems that it uses local STS from the tool to mimic an STS website. My questions are..

1 Answers

3
votes

So if I understand the requirements correctly, you want a single sign-on for multiple web applications that are located on different domains. If that is the case, then a claims-based identity with tokens is a good solution. WIF supports this, and the good news is that WIF is part of .NET 4.5 and not a separate library now.

The STS that comes with the Access & Identity tools is just for debugging and testing during development. You can create an STS using Active Directory Federation Services or Windows Azure AppFabric Access Control.

There are some good training courses on Pluralsight in this area. One course I would recommend is "Identity and Access Control in ASP.NET 4.5" by Dominick Baier. You can try out the course by using Pluralsight's free trial. Another good source of information on this topic is Dominick's blog. He is also the primary author of an open source project called IdentityServer, which is a light-weight security token service built with .NET 4.5, MVC 4, Web API and WCF. There are examples in the project.