Windows Azure AppFabric Access Control Service (ACS): WCF SWT/REST OAuth Scenario

Scenario

Following are characteristics of the scenario:

• WCF service that exposes its functionality via REST and requires an issued SWT token based on any type of credentials – username/password pair, symmetric key, or client certificate.

Solution

To solve this scenario, use ACS with the following configuration:

• In the app, use either custom Token Handler with WIF pipeline or parse the SWT token yourself.
• In ACS, use SWT token when configuring relying party (trust) for your WCF service.
• You can use any credential types – Password, Symmetric Key, or Client Certificates.
• Configure Service Identity depending on the credential you are using.

Supporting Materials

• Securing WCF Services with ACS
• How To: Add Service Identities with an X.509 Certificate, Password, or Symmetric Key
• Code Sample: OAuth 2.0 Certificate Authentication
• Code Sample: ASP.NET Web Service
• Code Sample: Windows Phone 7 Application
• Windows Identity Foundation (WIF) Configuration – Part V (<securityTokenHandlers>)
• Security Token Handler Collection Configuration
• Security Token Handler Configuration

Related Resources

• Video: What is ACS? (Slides)
• Video: What ACS Can Do For Me? (slides)
• Video: ACS Functionality (slides)
• Video: ACS Architecture (slides)
• Video: ACS Deployment Scenarios (slides)
• Video: ACS and the Cloud (slides)
• Video: ACS And WIF (slides)
• Video: ACS and ADFS (slides)