.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
Sharon Maxwell
Post New Web Links

Geneva Framework: Building A Custom Security Token Service

Posted By:      Posted Date: August 21, 2010    Points: 0   Category :ASP.Net
 

A Security Token Service, or STS, acts as a security gateway to authenticate callers and issue security tokens carrying claims that describe the caller. See how you can build a custom STS with the "Geneva" Framework.

Michele Leroux Bustamante

MSDN Magazine January 2009




View Complete Post


More Related Resource Links

Now Playing: Building Custom Players with the Silverlight Media Framework

  

The Silverlight Media Framework is an extensible and scalable video framework upon which you can create your own player experiences. We'll walk you through a custom player project that displays suggested videos for further viewing after the current video ends.

Ben Rush

MSDN Magazine May 2010


Geneva Framework: A Better Approach For Building Claims-Based WCF Services

  

Here we introduce Microsoft Code Name "Geneva," the new framework for building claims-based applications and services, and federated security scenarios.

Michele Leroux Bustamante

MSDN Magazine December 2008


ADO.NET: Building a Custom Data Provider for Use with the .NET Data Access Framework

  

The System.Data.dll assembly in the .NET Framework contains namespaces whose base classes can be used to create custom data providers. These namespaces also define a number of data access interfaces and base classes that let developers create data providers that will interoperate with other custom providers. Using the ADO.NET classes Connection, Command, DataReader, and DataAdapter, writing a provider is easier than writing one for OLE DB. This article explains these classes and their implementation, and how they can be used to write a variety of different kinds of data providers.

Bob Beauchemin

MSDN Magazine December 2001


Windows Identity Foundation Security Token Service can't stay logged in

  
I'm using the Windows Identity Foundation **(WIF)** Security Token Service **(STS)** to handle authentication for my application which is working all well and good. However I can't seem to get any long running login with the STS. From my understanding I shouldn't care about the client tokens at the application level since they can expire all they want to and it should redirect me to the STS and as long as they're still logged in on the STS it should refresh their application token. Yet it doesn't seem to want to keep them signed in. Here's what occurs in my login.aspx on the STS var cookie = FormsAuthentication.GetAuthCookie(userName, persistTicket); if (persistTicket) cookie.Expires = DateTime.Now.AddDays(14); Response.Cookies.Add(cookie); var returnUrl = Request.QueryString["ReturnUrl"]; Response.Redirect(returnUrl ?? "default.aspx"); Which was taken almost directly from existing application using normal Forms Auth. From my web.config <authentication mode="Forms"> <forms loginUrl="Login.aspx" protection="All" timeout="2880" name=".STS" path="/" requireSSL="false" slidingExpiration="true" defaultUrl="default.aspx" cookieless="UseDeviceProfile" enableCrossAppRedirects="false" /> </auth

Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)

  
I have been trying to install   Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)   since it was released but downloads ok but it will not install. Everytime installation of this update fails!   Help...

The Security Token Service is not available

  
I set up SharePoint 2010 Beta on a Windows 2008 R2 server and am going through the Central Administration - Review problems and solutions: All Reports - The Security Token Service is not available and the failing service is SPSecurityTokenService.Should not this service if available been installed during installation time?  It says "The Security Token Service is not issuing tokens.  The service could be malfunctioning or in a bad state.I don't want to go any further with setting up this until I can get an answer on how to fix this?Thanks

Security Token Service is not available

  

After converting a Web Application from Classic mode to Claims Based using Powershell I can no longer access my Web Applications.

When turnign off custom errors and setting Call Stack to true. I see the below error message:

The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error.

Looking into Central Admin I see an error for the Security Token Service. The Security Token Service is not available. Explanation:

The Security Token Service is not issuing tokens. The service could be malfunctioning or in a bad state.

If I look in the App Event Logs I see:

An exception occurred when trying to issue security token: The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error..

I have applied the WCF Hotfix and restrated the server. What is causing this issue?

I am using SharePoint Foundation 2010

Any assistance is greatly needed!


Just installed SP2010 RTM. Now receiving "The Security Token Service is not available" error.

  

I have spent the better part of today researching this error and have not been able to resolve it. I made sure the "SharePoint Web Services" application pool was started. I have also rebooted the server. There was a lot of mention about a HotFix, but it was already installed. Anyone have any other ideas?

Here is the error:

The SharePoint Health Analyzer detected a condition requiring your attention. The Security Token Service is not available.

The Security Token Service is not issuing tokens. The service could be malfunctioning or in a bad state.

Administrator should try to restart the Security Token Service on the boxes where it is not issuing tokens. If problem persists, further troubleshooting may be available in the KB article. For more information about this rule, see "http://go.microsoft.com/fwlink/?LinkID=160531".
 

Microsoft .NET Framework 1.1 Service Pack 1 Security Update for Win XP failed

  
Hii all, I just tried to patch my system with latest updates, which were huge this time (14 updates of 42 Mb in total). Out of 14 updates 13 were installed successfully and one failed with error code of 0x643:
Microsoft .NET Framework 1.1 Service Pack 1 Security Update for Windows 2000, Windows XP, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 (KB953297)

After restarting my system I authorised the dispatch of the failure report to Microsoft. Now I wonder if anybody else has encountered such problem with this particular update?

WCF: Establishing Trust Between WCF Web Services and SharePoint 2010 Security Token Service, Part 3

  
Enable federated HTTP binding for a web service and establish trust between the Windows Communication Foundation (WCF) web service and the SharePoint 2010 security token service.

Custom Security Framework

  

I need to develop some sort of security framework for our applications.  The framework needs to be able to support security down to the field level (determine if user has access to read a text box, access to write in a text box etc....).  Does anyone know of any existing patterns?  I'm just thinking about how to approach this so I would appreciate any input?

Thanks!


twahl

Security Token Service is not available

  

I have a problem similar to others posted, but with a different error detail and I have tried most of the fixes listed in the other posts with no success.

We just performed an in-place upgrade from SP2007 to SP2010 standard.  We are using Kerberos authentication in a two server farm, both servers are Windows 2008 SP2.  Immediately after the upgrade, the subject error message appeared in Central Admin.  When I try to navigate to http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc, I get the following Error and Stack Trace...any help will be GREATLY appreciated.

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

[MethodAccessException: Microsoft.SharePoint.IdentityModel.SPSecurityTokenServiceHostFactory..ctor()]
   System.Reflection.MethodBase.PerformSecurityCheck(Object obj, RuntimeMethodHandle method, IntPtr parent, UInt32 invocationFlags) +0
   System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo

Error message "Could not locate the security token referenced by key info" with WCF custom client (V

  

Hello,

I’m trying to develop a custom client, a console application, to connect it with a Web Service (Java Web Service) and call publics web methods with Visual Studio 2008 (.Net Framework 3.5) and WCF, but I’m getting an error message (“Could not locate the security token referenced by key info”).

I’m employing two certificates, a server certificate and a client certificate, because I have to sign and encrypt the message that I send to the Web Service. Both certificates are correctly installed in my certificate repository. In my client Web Service generated with “svcutil” tool, I’m added this line to sing and encrypt the message:

“<System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", 

Any framework for creating a job scheduler service?

  

Just curious to know if there was any official Microsoft code blocks, classes, or such for writing a service that runs other assemblies or WCF services?  That can be configured easily from a web page, pre-coded, for running tasks at certain times on certain recurring intervals?  I've already built one but am open to anything done better- which I'm sure there is.  Thanks!!!


Smart Client: Building Distributed Apps with NHibernate and Rhino Service Bus, Part 2

  

Smart client applications are responsive and promote interactivity with the user. In this article, we continue building a smart client application using NHibernate for data access and Rhino Service Bus for reliable communication with the server.

Oren Eini

MSDN Magazine August 2010


Smart Client: Building Distributed Apps with NHibernate and Rhino Service Bus

  

Smart client applications are responsive and promote interactivity with the user. In this article, we start the processes of planning and building a smart client application using NHibernate for data access and Rhino Service Bus for reliable communication with the server.

Oren Eini

MSDN Magazine July 2010


Security Briefs: Regular Expression Denial of Service Attacks and Defenses

  

Microsoft security expert Bryan Sullivan believes denial-of-service blackmail attacks will become more common as privilege escalation attacks become more difficult to execute. He demonstrates how to protect your apps against regular expression DoS threats.

Bryan Sullivan

MSDN Magazine May 2010


Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend