Windows Identity Foundation in WPF application

0
votes

I'm going to make an WPF app in which users have permissions to do certain actions. I'm searching for a library that would handle management of user's permissions.

In many places Windows Identity Foundation is mentioned as the best solution for user authentication.

I've been reading about WIF for a day long and the more I read, the more complicated it's getting.

All I need is an ability to define users and their permissions. But as I read, with WIF I'll need to use STS like TivoliĀ® Federated Identity Manager or Active Directory on Azure.

Moreover I haven't found any example with WPF, all examples base on ASP.net or WCF.

So, is it possible to use WIF with simple identification, with no transmission encryption and no message integrity verification, no complicated STS, but read for example from a local database and on WPF app ?

If not - is there any other lib that can be used to simple authentication ?

Thanks.

1
c#wpfwif
Windows already contains users and roles. WIF was used to connect with other types of identity providers. An application always runs under the current user's account, so you already know who that user is and which groups the account belongs to. The typical way in Windows is to create role-specific groups and assign users to them - Panagiotis Kanavos
@PanagiotisKanavos thanks for your comment, but I'd like to use a user permissions system not related to current logged windows user, but rather create users and their permission on app level. - Rob.Ak
Why? You already know who the user is unambiguously. Unless you want to create a kios-style application, where multiple users can use the same desktop? In any case, .NET already supports identities, roles and custom providers, you don't need WIF for this. WIF was added to handle advanced scenarios - Panagiotis Kanavos
@PanagiotisKanavos, my app won't be used on Windows on a domain. I don't want to create a Windows user "User1" and bind permissions to that name in my App, because anyone could copy my app to other computer, create there a user "User1" and use User1's permissions to do what ever he has rights to (like sending emails or logging to Facebook for example). That's why I need a user management system in my app. - Rob.Ak

1 Answers

0
votes

WIF is one of the protocols designed to authenticate with an Identity Provider like ADFS.

(The others are SAML 2.0 and OpenID Connect).

This provides a path for claims-based authentication, federation and SSO.

WIF was not designed to be used on its own.