Which Technology Stack Should I Use for Claims-Aware Applications

StackOverflow https://stackoverflow.com/questions/22239993

Question

This is a second attempt with better wording of the problem I'm facing.

I have a simple requirement to implement an application that will allow web applications and standalone services that will be claims-aware (using ADFS). Note that I am talking about windows services in addition to web applications.

Which enabling interoperable technologies should a developer pick?

For the life of me, I can't find a resource that says: to build a claims-aware application using the latest upcoming frameworks, install these packages.

From a framework point of view, I am talking about the following:

  • Microsoft.IdentityModel
  • Microsoft.Owin
  • System.IdentityModel
  • Microsoft.Asp.Net.Identity

Which should I be using? Alpha / Beta packages are fine.

Thank you, Richard

Was it helpful?

Solution

in .net 4.5 IdentityModel is now part of the core libraries (so it no longer called Microsoft.IdentityModel).

So for your system you would need the following:

  1. System.IdentityModel for the FederationAuthenticationModule (which intercepts and verifies your SAML token submission) and for the SessionAuthenticationModule (which serializes/deserializes your claims.)

To create the claims that you will send between your applciations you would use:

  1. System.Security.Claims

as I mentioned these are both in .net 4.5.

OTHER TIPS

Microsoft.IdentityModel is the one you are looking for. 

Microsoft.IdentityModel.Claims for IClaimsIdentity interface.

Microsoft.IdentityModel.Web for WSFederationAuthenticationModule.

Yup - System.IdentityModel is the way to go.

Refer: What's New in Windows Identity Foundation 4.5.

If you are wondering what the difference between WIF 3.5 and 4.5 is, refer:

Guidelines for Migrating an Application Built Using WIF 3.5 to WIF 4.5

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top