Logo
programming4us
programming4us
programming4us
programming4us
Home
programming4us
XP
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Windows Phone
 
Windows Azure

Example: A return to our string-reversing service (part 3) - Sending a token as a client & Attaching the token

3/19/2011 11:50:54 AM
- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire

5. Sending a token as a client

In this section, you’re going to build a simple command-line client. This will make it easier to focus on the service aspects of the code. Feel free to make it sexy by using Silverlight or WPF.

For this client, we’ll share the contract by sharing a project reference. (Many projects do this, especially when you own both ends of the conversation.) You should either share the contract through a project reference, or through a shared assembly.

In this case, our biggest customer, Maine Reversal, will be building this client. We’ve set up a trusted relationship with them by swapping keys and configuring them in ACS—we’ll look at how to do this in the next section. Maine Reversal won’t be sending in any custom claims of their own, just their issuer identity. This process essentially gives them a secure username and password.

We’ve created a helpful utility class called ACSTokenValidator that encapsulates the process of fetching an ACS header from the AppFabric service. Again, this code is mostly from the SDK samples with some tweaks we wanted to make. (Why write new code when they give us code that works?)

To call the GetTokenFromACS method, you’ll pass in the service namespace (StringReversalInc), the issuer name (the client’s name, which is MaineReversal in this case), the signing key that Maine Reversal uses, and the URL that represents your protected resource. This doesn’t have to be the real URI of the intended destination, but in many cases will be. In security parlance this is referred to as the audience. The method call looks like this:

string Token = GetTokenFromACS("StringReversalInc",
"MaineReversal",
"ltSsoI5l+8DzLSmvsVOhOmflAsKHBYrGeCR8KtCI1eE=",
"http://localhost/processstring");

The GetTokenFromACS method performs all the work. It uses the WebClient class to create the request to ACS. If everything goes well, the ACS service will respond with a token you can put in your authorization header on your request to the string-reversal service.

The following listing shows how you can request a token from the ACS service.

Listing 2. How a client gets a token from ACS

You have to provide the GetTokenFromACS method with the base address for the request . This is a combination of the ACS service address, accesscontrol.windows.net, and the namespace for the ACS account, StringReversalInc.

To make the call, you need to provide three pieces of data: the issuer name (your name in the ACS configuration), the signing key, and the namespace of the service you’re trying to reach .

At this point, ACS will check your credentials. The issuer name is basically your username, and the signing key is your password. If everything checks out, ACS will respond with a valid token that you can attach to your request to the service .

6. Attaching the token

Attaching the token to the header of the request is fairly simple on most platforms. You can also put the token information in the URL or the message body. Doing either isn’t as good as using an authorization header, so only do this if your system doesn’t support an authorization header.

To add the token to the authorization header, you can add it to the OutgoingRequest.Headers collection:

string authorizationHeader = string.Format("WRAP access_token=\"{0}\"", httpUtility.UrlDecode(Token));
WebOperationContext.Current.OutgoingRequest.Headers.Add("authorization", authorizationHeader);

To attach the token to the header, you need to use the UrlDecode method to decode it, and then wrap it with the WRAP leading text. This tells the destination service that the token is a WRAP token. This text will be stripped off by the server once the token is validated. Then you add the header to the outgoing request using the WebOperationContext class.

That’s all the client needs to do. Your client should be robust enough to handle any errors in the ACS service call or the ACS token request being denied.

In order for the token validation and generation to work, you have to set up some configuration in the ACS service: a trusted relationship with the issuer, and some rules.

Other -----------------
- Example: A return to our string-reversing service (part 2) - Accepting tokens from ACS & Checking the token
- Example: A return to our string-reversing service (part 1) - Putting ACS in place & Reviewing the string-reversal service
- Connecting in the cloud with AppFabric : Controlling access with ACS
- Joining dynamic and infrequently changing data together
- Enterprise Service Bus with BizTalk Server and Windows Azure : Mapping the Microsoft Platform to the Enterprise Service Bus Pattern
- Enterprise Service Bus with BizTalk Server and Windows Azure : Governance Considerations
- Enterprise Service Bus with BizTalk Server and Windows Azure : Cloud-Enabling the ESB with Windows Azure
- Working with the Table service REST API : Querying data (part 3) - Filtering data with LINQ & Selecting data using the LINQ syntax
- Working with the Table service REST API : Querying data (part 2) - Querying with LINQ & Filtering data with the REST API
- Working with the Table service REST API : Querying data (part 1) - Retrieving all entities in a table using the REST API
 
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
- First look: Apple Watch

- 3 Tips for Maintaining Your Cell Phone Battery (part 1)

- 3 Tips for Maintaining Your Cell Phone Battery (part 2)
programming4us programming4us
Popular tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 windows Phone 7 windows Phone 8
programming4us programming4us
 
programming4us
Natural Miscarriage
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Game Trailer