New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for enterprise single sign on using WIF #525

Closed
wants to merge 48 commits into
base: master
from

Conversation

Projects
None yet
3 participants
@woloski

woloski commented Jul 11, 2012

Implemented

  • WS-Federation + SAML tokens support
  • WIF Configuration in AppSettings instead of default config section to simplify cloud deploy
  • Identity provider selector if using Windows Azure Active Directory

demo here: http://jabbr-auth10.apphb.com

TODO

  • refactor user - identity association of JanRain and FedAuth into a single class
  • federated logout when doing /logout
  • get rid of FedAuth cookie since Jabbr uses its own cookie by removing SessionAuthModule, need some testing
@davidfowl

This comment has been minimized.

Show comment
Hide comment
@davidfowl

davidfowl Jul 11, 2012

Would put this in it's own css file and add it to the minified bunch.

davidfowl commented on JabbR/default.aspx in 48ab1d3 Jul 11, 2012

Would put this in it's own css file and add it to the minified bunch.

@davidfowl

This comment has been minimized.

Show comment
Hide comment
@davidfowl

davidfowl Jul 11, 2012

Assign this complex expression to a variable up top and use that.

davidfowl commented on JabbR/default.aspx in 48ab1d3 Jul 11, 2012

Assign this complex expression to a variable up top and use that.

@davidfowl

This comment has been minimized.

Show comment
Hide comment
@davidfowl

davidfowl Jul 11, 2012

I'd make this a more generic concept.

davidfowl commented on JabbR/Hubs/Chat.cs in 19d406d Jul 11, 2012

I'd make this a more generic concept.

Show outdated Hide outdated JabbR/Web.config
Show outdated Hide outdated JabbR/default.aspx
Show outdated Hide outdated JabbR/Web.config
Show outdated Hide outdated JabbR/Hubs/Chat.cs
@xerners

This comment has been minimized.

Show comment
Hide comment
@xerners

xerners Jul 11, 2012

After Thursday I will help out with this

xerners commented Jul 11, 2012

After Thursday I will help out with this

@woloski

This comment has been minimized.

Show comment
Hide comment
@woloski

woloski Jul 11, 2012

Ok, @davidfowl check out the latest code and let me know.

woloski commented Jul 11, 2012

Ok, @davidfowl check out the latest code and let me know.

@woloski

This comment has been minimized.

Show comment
Hide comment
@woloski

woloski Jul 20, 2012

Done with removing duplication on account linking into IdentityLinker service: eba63fa. Tests: 0d88209

woloski commented Jul 20, 2012

Done with removing duplication on account linking into IdentityLinker service: eba63fa. Tests: 0d88209

@xerners

This comment has been minimized.

Show comment
Hide comment
@xerners

xerners Jul 24, 2012

Is there a build of this running anywhere with AAD integration? I'd like to demo that internal Microsoft if possible to our AAD team :-)

xerners commented on 48ab1d3 Jul 24, 2012

Is there a build of this running anywhere with AAD integration? I'd like to demo that internal Microsoft if possible to our AAD team :-)

This comment has been minimized.

Show comment
Hide comment

This comment has been minimized.

Show comment
Hide comment
@xerners

xerners Jul 24, 2012

I got this to work with AAD, but only after creating the Reply in auth.waad. I'll fork this and commit what I did to get this to work with Office365 and Azure Active Directory.

xerners replied Jul 24, 2012

I got this to work with AAD, but only after creating the Reply in auth.waad. I'll fork this and commit what I did to get this to work with Office365 and Azure Active Directory.

This comment has been minimized.

Show comment
Hide comment
@xerners

xerners Jul 24, 2012

I added a gist to help understand how to configure this for webSSO with WAAD: https://gist.github.com/3168600

Essentially, you will need to provide a way back to the website after SSO. Also added demonstration of the realm "spn:"

The thumbprint is that of the Production ACS instance

I forked but need to work on Claim handing.

xerners replied Jul 24, 2012

I added a gist to help understand how to configure this for webSSO with WAAD: https://gist.github.com/3168600

Essentially, you will need to provide a way back to the website after SSO. Also added demonstration of the realm "spn:"

The thumbprint is that of the Production ACS instance

I forked but need to work on Claim handing.

@davidfowl

This comment has been minimized.

Show comment
Hide comment
@davidfowl

davidfowl Jul 27, 2012

Member

This guy needs an update (there's conflicting changes now).

Member

davidfowl commented Jul 27, 2012

This guy needs an update (there's conflicting changes now).

@xerners

This comment has been minimized.

Show comment
Hide comment
@xerners

xerners Aug 2, 2012

I'll have this fixed by EOW

xerners commented Aug 2, 2012

I'll have this fixed by EOW

woloski added some commits Aug 7, 2012

woloski
update the code to use Auth10.AspNet.SimpleConfig NuGet which has som…
…e improvements (all the code is isolated under FederatedIdentity folder, no need for post app start, no more private classes, adding replyurl support for waad, adding MachineKeySessionSecurityTokenHandler for farm friendly cookies, adding helper that allows cleaning up fedauth cookies)
@woloski

This comment has been minimized.

Show comment
Hide comment
@woloski

woloski Aug 8, 2012

This PR can be closed without merge, the rebase was more complex than I thought.
New one: #572

woloski commented Aug 8, 2012

This PR can be closed without merge, the rebase was more complex than I thought.
New one: #572

@davidfowl davidfowl closed this Aug 8, 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment