How do I authenticate to a WCF service via ACS integration with Windows Live ID?

StackOverflow https://stackoverflow.com/questions/8979450

Question

I have a WCF service that uses UserName authentication via ACS. This works great when I'm using Service Identities but when I try to use my Windows Live ID credentials I get the following error:

System.ServiceModel.FaultException: ACS10002: An error occurred while processing the SOAP body. ACS50012: Authentication failed. ACS50026: Principal with name 'louis@arsunica.com' is not a known principal.

Unfortunately I've yet to find an example of how one uses Windows Live ID with a WCF service. The only examples I could find seem to be focused on integrating multiple identity providers with ASP.NET or MVC websites.

Any help in this regard would be greatly appreciated....

Était-ce utile?

La solution

ACS won't authenticate your Live ID username and password directly. ACS acts as a federation provider for Live ID, it's a go-between, so it will only consume tokens issued by Windows Live ID. ACS supports Live ID authentication out of the box in passive (browser redirect) based scenarios but for a WCF service you might consider using Live Connect APIs instead.

To use LiveID with your service, your client first authenticates itself to LiveID, and then presents a LiveID-issued token to your WCF service. Brace yourself though, there would be some hoops to jump through to set all of this up.

To use the Live Connect APIs, you would register your WCF service as an application with Live ID. Clients that consume your WCF service would then need to be capable of handling the web based login page and user consent pages that Live ID will prompt. The docs below are a good start

http://msdn.microsoft.com/en-us/library/hh243641.aspx

http://msdn.microsoft.com/en-us/library/hh243647.aspx

http://msdn.microsoft.com/en-us/library/windows/apps/hh465098.aspx

The next problem is the token you'll get from Live Connect will be in JWT (JSON Web Token) format. I'm not sure if you can request a different token format from live connect, but if your WCF service authentication is WIF based, it most likely expects SAML tokens. JWT is a rather new token format that WIF doesn't yet support so you would have to configure a WIF SecurityTokenHandler on your service that understands JWT tokens. The third link above has some code for reading JWTs, which is a start at least.

Licencié sous: CC-BY-SA avec attribution
Non affilié à StackOverflow
scroll top