How to use and configure WIF together with AppFabric
for our distributed application platform currently we use role based authorization based on ASP.NET with a sql role membership provider. We have decided to switch our platform to use AppFabric (for Windows Server, not Azure) and within this we consider also to switch our authorization/authentication infrastructure to WIF.
Some general questions we are faced with: What would this mean for us? What new infrastructure do we need? Do we need Active Directory as a Security Token Provider or can we use alternative providers? How does the claim based model match with the role based model?
More AppFabric/WCF related questions: How do we have to modify/configure our WCF services to use WIF? Is it just a *.cfg file issue? Is it just a IIS/AppFabric deployment issue? How to configure AppFabric to trust a certain STS provider? Does security federation need specific settings? Isn't it possible to view a Security Token Service just as another WCF service that is hosted in an AppFabric? ...
So there are a lot of questions and there are some good resources out there that answer some of the questions separately, but we would like to have a scenario that describes the WIF authentication/authorization system as a whole, with the AppFabric in its center.
At the end we would like to be in a postition that allows us to estimate what it would mean to switch to WIF when we switch to AppFabric anyway.
Thanks for the suggestion. Can you provide a little more detail regarding the specific scenario you'd like to see?
... to get an idea what it really takes to use WIF and if it is really practicable.