Securing WCF with ACS using identity providers.

Question

4.50/5 (2 votes)

See more:

Hi.
Im working on a project were we host a webservice on the azure platform.

The service is being consumed by a iphone client. What we want to do is secure the service using AccessControlService(ACS) on appfabriclabs.

Is it possible to obtain a token from ACS by using identity provider credentials like facebook or google?

THX

Posted 9-Feb-11 1:14am

twDuke

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

TheyCallMeMrJames · Answer 1 · 2011-02-09T08:26:00

Yes, you can do this, but I don't think you'll be using the ACS to obtain the token.

I know for sure that Facebook (and Twitter, many others) requires that you display their app connection screen to gather credentials. You could do it on your own (in-app) and pass that through to the FB service, but it's against the ToS. Your best bet is to get the user to sign in from the device using the prescribed approach.

Besides, using the 3rd party service to sign in (such as FB) means that you don't have to worry about security/privacy implications as you're not collecting/storing the users' credentials.

Cheers.

Zanathel · Answer 2 · 2011-02-17T21:36:00

Hi there!

I'm presently trying to secure a Windows Azure RESTful service with ACS against 3rd party identity providers, namely Google and Live. I have sought the Internet for information pertaning to this particular challenge, without much avail.

I would highly appreciate all advise that I can possibly get on how to implement this. Our web service will primarily talk to iPhone and Andoroid devises.

Thank you! :)

Securing WCF with ACS using identity providers.

2 solutions

Solution 1

Solution 2

Add your solution here

Preview 0