Announcing the Identity Developer Training Kit


digg_url = “http://blogs.msdn.com/vbertocci/archive/2009/05/11/announcing-the-identity-developer-training-kit.aspx”;digg_title = “Announcing the Identity Developer Training Kit”;digg_bgcolor = “#FFFFFF”;digg_skin = “normal”;

digg_url = undefined;digg_title = undefined;digg_bgcolor = undefined;digg_skin = undefined;


clip_image002[3]


If you were wondering what kept me up in the evenings of the last few months, wonder no more 🙂


The Identity Developer Training Kit is a set of hands-on labs and resources designed to help developers to take advantage of Microsoft’s identity products and services. Being designed for developers, the kit focuses on the Geneva Framework: however it also gives guidance on how to take advantage of Geneva Server, Windows Live ID, the Microsoft Federation Gateway and the .NET Access Control Service (which is featured in a renewed and expanded lab). Most of the tasks are demonstrated both for ASP.NET web applications and for WCF services. We went to great lengths for eliminating as much as possible the friction that is traditionally associated with security samples, by providing configuration scripts and tools which automate many of the setup steps.


We took special care to follow a progressive approach, in which we introduce concepts and ideas gradually: however we made sure that every single step is useful for solving a real-life problem, so that your never have to wait for seeing the value that the product/service/approach delivers. Future releases of the kit will include presentations, which will follow the same philosophy. I will blog more extensively about the kit in the next days. A reduced version of the kit is being used right now as HOL here at TechEd US, so if you are here in L.A. you can have fun with it! If you have issues, you find me at the Geneva booth most of the time: I am the one with short silver hair and glasses. Seriously. NOOT 😀


The Identity Developer Training Kit is the result of a close collaboration between us in evangelist and the identity product team, and I hope I am not showing too much hubris if I dare say it came out pretty well: I am delighted that we finally managed to make something like this available to the developer community, and I am looking forward for your feedback. Happy coding!

9 Comments

  1. I’ve spent 3 days trying to get a custom SecurityTokenHandler to load and not only is it never called, but none of the examples in the training kit are ever called either! I’m using VS2010 RTM, WIF SDK 4.0 and WIF runtime, with the April update to the training kit. Any ideas greatly appreciated.

  2. Hi Vittorio, i got a similar problem. Custom SecurityTokenHandler is loaded but is it never called ( ValidateToken ). Any ideas?

    The project was created from vs2010 menu (New web site … ASP.NET STS Web site)

    CustomUserNameSecurityTokenHandler Class

    Code:

    public class CustomUserNameSecurityTokenHandler : UserNameSecurityTokenHandler

       {

           public CustomUserNameSecurityTokenHandler()

           {

           }

           public override ClaimsIdentityCollection ValidateToken(SecurityToken token)

           {

               UserNameSecurityToken userNameToken = token as UserNameSecurityToken;

               if (userNameToken == null)

                   throw new SecurityException(string.Format(“Invalid token provided: {0}. Expecting UserNameSecurityToken.”, token.GetType()));

               ExtraredUserProvider credentialStore = new ExtraredUserProvider();

               // Authenticate the caller against the credential store.

               if (credentialStore.ValidateUser(userNameToken.UserName, userNameToken.Password) == false)

                   throw new SecurityTokenValidationException(“El usuario o contraseña es incorrecto”);

               UserInformation userInfo = credentialStore.GetUserInformation(userNameToken.UserName);

               ClaimsIdentityCollection identities = new ClaimsIdentityCollection();

               ClaimsIdentity claimsIdentity = new ClaimsIdentity(“CustomUserNameSecurityTokenHandler”);

               identities.Add(claimsIdentity);

               return identities;

           }

           public override bool CanValidateToken

           {

               get { return true; }

           }

       }

    Web.Config

     <microsoft.identityModel>

       <service>

         <securityTokenHandlers>

           <remove type=”Microsoft.IdentityModel.Tokens.WindowsUserNameSecurityTokenHandler, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35″/>

           <remove type=”Microsoft.IdentityModel.Tokens.MembershipUserNameSecurityTokenHandler, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35″ />

           <add type=”CustomUserNameSecurityTokenHandler, App_Code” />

         </securityTokenHandlers>

       </service>

     </microsoft.identityModel>

    Thanks!

Leave a Reply

Your email address will not be published. Required fields are marked *