Security Token Service upgrade from .Net 3.0/IIS7 to .Net 4.0/IIS 8

Question

I have upgraded a .Net 3.0 project to .Net 4.0. To authenticate login on this project a user is redirected to a STS (Security Token Service, also upgraded to .Net 4.0) with the previous URL. On login the STS instance authenticates the login details and redirects to the given URL (back to my system). This STS is Client code and I do not have access to it.

In Visual Studio (2010 onwards) this works fine. I run the site under Visual Studio Development Server and IIS Express with no problems (Windows 7/Windows Server 2012). When I run this under Local IIS 8 Web server, I lose the roles in the token. This works perfectly in 7/7.5, but not in 8.

I'm wondering if I may have missed something in my IIS 8 configuration?

var claimsIdentity = Thread.CurrentPrincipal.Identity as ClaimsIdentity;
IList<string> userRoles = claimsIdentity.GetRoles();

I've attached the results of the above to my Http header (the same roles my system uses) and see that there are no longer any userRoles (list is empty). But my claimsIdentity has the right user.

I would be very greatful for any pointers.

Answer 1

So I have managed to get the original installers working. My installer had a dependency for 'my' old .Net 3, which was why it wasn't working before. This is under the "launch condition editor" on the right-click menu of the installer, nb you also need the prerequisite on the properties to have .Net 4). After fixing the installer and using it to setup the website the system authenticates correctly. This leads me to believe that it was likely a problem with my configurations.

As to what property it was exactly I can't say, as comparing the web.configs has multiple differences. Why this IIS 7.5 works but it's web.config in IIS 8 doesn't is beyond me (same web.config).