
Archive for February, 2015

Identity Server v3 Intro Commercial LOB Application

February 23, 2015

Welcome to the introduction to a series of blog posts describing how to set up Identity Server to use claims-based identity for a commercial line-of-business (LOB) Microsoft software application.

Before we get started, here are links to all posts and sample code.

Links

Intro Identity Server v3 Walk through for LOB application

Part 1 Hosting Identity Framework With IIS

Part 2 IDSv3 Web Api & WCF Configuration

Part 3 IDS Client Walkthrough

Client Sample Code

Identity Server Code

 

I’m writing this series of blog posts for a couple of reasons.

1) As with most products, samples and documentation show “simple” ways of doing things which really aren’t that much help. I’ve wasted 3 to 4 weeks digging around, asking questions, etc., just to get to where we are today. My goal is that posting these samples will save others time, and that they can add to these posts over time so we all end up with better implementations.

2) Documentation for our internal team. Also, building off 1, my hope is again that our team reads what I have, studies it, and shares ideas going forward, along with others out on the internet who use these samples.

The key to the software we build is maintainability and flexibility.

For a typical application, we will have a UI solution and then a service solution. Going forward with our new applications, we want to utilize the built-in claims functionality of .NET, so we’re adding a third web application which hosts the Identity Server v3 framework. This also gives us an SSO framework for our applications.

In our blogs we will start with:

Part 1 covers what it takes to set up and host Identity Server v3 in IIS, which can be found here. The following will be covered:

  1. How to set up a 2048+ bit certificate and then how to make sure your app pool account has permissions.
  2. We will hard code our Client & Scope data. We won’t go into many details as it’s fairly straightforward for the examples.
  3. We will create a simple LocalClaimsProvider as well as a Local User Service. We won’t tie directly to a database. However, in these classes you will be able to write your own code to use whatever type of repository you like.

     

Part 2 will consist of building the services that will utilize tokens from IDSv3. This blog post can be found here.

  1. First we will do a simple walkthrough of how to set up a WebApi service to use a JWT token from IDS v3.
  2. Then we will create a WCF service and add code which will allow WCF to use a JWT bearer token passed from a client obtained from IDSv3.
    1. Note: at this time, this sample will only work with a JWT token.

Part 3 will consist of building a simple console application. This blog post can be found here.

  1. The console application will contain a WSDL from our WCF service we build in Part 1.
    1. We will build an HTTP Authorization header which will contain a JWT, which will be used by the code we mentioned in Part 2.
  2. The console app will make a call to a WebApi controller method.

 

In summary, we’re going to do a walkthrough of the UI, WebApi & WCF services & hosting Identity Server v3 in IIS. This should give developers who build enterprise LOB applications a good start on integrating Claims & IDS v3 into their applications.

The Identity Server solution that contains Web Api & WCF services can be found at https://github.com/kkfrosty/IdentityServer/.

The client console application can be found here.

Categories: Identity Server