I am just starting with claims-based security and asking a question related to delegation identification. I managed to set up a local dummy STS and a couple of WCF services that rely on it for authentication. The web application authenticates the user through STS and makes a call to service A on behalf of the user (using ChannelFactory.CreateChannelActingAs). It works great.
Now I would like to use the Azure Access Control Service (ACS) as a federation provider and instead log into my Google account (or something else), completely getting rid of the STS dummy. I can authenticate with a web application, but I get a “bad request” response when I try to make a call to a web service.
I understand that some problems can be a problem, but then it also struck me that I really did not check if ACS supports this WSA Trust ActAs concept. I found a forum topic that indicates that ActAs is not supported, but it is about six months old.
Can anyone confirm if ActAs is supported in ACS? And if not, is there another smart way to implement delegation delegation that is supported?
source
share