Comments for Zulfiqar's weblog http://zamd.net Middleware, security & random .Net Thu, 16 May 2013 22:25:08 +0000 hourly 1 http://wordpress.com/ Comment on Claim-based-security for ASP.NET Web APIs using DotNetOpenAuth by J.M. http://zamd.net/2012/05/04/claim-based-security-for-asp-net-web-apis-using-dotnetopenauth/#comment-765 Thu, 16 May 2013 22:25:08 +0000 https://zuahmed.wordpress.com/?p=378#comment-765 I was a little confused by the code in the Protocal Independent Issuer. The code is loading up a public and private key. I had thought that OAuth did not require SSL. Do I need to buy certificates?

]]> Comment on Claim-based-security for ASP.NET Web APIs using DotNetOpenAuth by Akila Kumarasamy http://zamd.net/2012/05/04/claim-based-security-for-asp-net-web-apis-using-dotnetopenauth/#comment-752 Wed, 08 May 2013 22:49:44 +0000 https://zuahmed.wordpress.com/?p=378#comment-752 Hi,

Its a good example, Can I know how to add different claims with the claim type in the OAuthIssuer? Also, the OAuthIssuer throws BAD REQUEST error if the client has the latest nuget package on the DotNetOpenAuth. How can we fix this? Can you please help?

]]> Comment on ExtractSAMLAssertion by taranglutearang http://zamd.net/2010/03/10/extractsamlassertion/#comment-739 Thu, 02 May 2013 09:22:49 +0000 http://zuahmed.wordpress.com/2010/03/10/extractsamlassertion/#comment-739 Hi..i am stuck very badly at one point where i need to do Ms Dynamics Crm WebLogin from my client application which is a Winform application developed in C# 4.0.My Scenario is like user will do login to CRM from desktop application and i want to show user,activity record web page of CRM.My application is able to do crm login for the user,but i am not able to show activity,user web page as i am not logged in the Web.
Also i tries to decrypt Saml Assertion value which i got when user logged in,but dont no how to decrypt the Saml.Saml i am getting is Saml 2.0.My Ms Crm Account is of Office 365.Can you Please suggest some way out to do CRM Weblogin from my application.

]]> Comment on Federating Office 365 (Azure Active Directory) with a Custom STS by Job Vermeulen http://zamd.net/2013/02/08/federating-a-custom-sts-with-office-365-azure-active-directory/#comment-733 Fri, 26 Apr 2013 16:16:09 +0000 https://zuahmed.wordpress.com/?p=453#comment-733 Are the changes already online somewhere?

]]> Comment on PasswordDigest authentication in WCF by Ubayeed Syed http://zamd.net/2010/07/12/passworddigest-authentication-in-wcf/#comment-723 Thu, 11 Apr 2013 13:37:00 +0000 https://zuahmed.wordpress.com/?p=207#comment-723 Reposting the sample SoapUI PasswordDigest xml as in above the xml tags were stripped off.

“CWTTESTxkmd5cSn0qLDCgKPglXq973Do+Y=rKxB+QR3z2jU8ZPzh9re3Q==2013-04-10T20:10:20.164Z”

]]> Comment on PasswordDigest authentication in WCF by Ubayeed Syed http://zamd.net/2010/07/12/passworddigest-authentication-in-wcf/#comment-722 Thu, 11 Apr 2013 13:30:52 +0000 https://zuahmed.wordpress.com/?p=207#comment-722 I found the following bug when I was testing “Password Type = PasswordDigest” from SoapUI. The issue is with createdate format (i.e. in UserNamePasswordDigestValidator.cs\ComputePasswordDigest) for e.g. the security header added by SoapUI looks as follows

USERNAMExkmd5cSn0qLDCgKPglXq973Do+Y=rKxB+QR3z2jU8ZPzh9re3Q==2013-04-10T20:10:20.164Z

But the code checks for the following format (line commented below) and does not account for milli-seconds (i.e. ‘f’). Modifying the following line fixes it.

//byte[] createdBytes = Encoding.UTF8.GetBytes(XmlConvert.ToString(created.ToUniversalTime(), “yyyy-MM-ddTHH:mm:ssZ”));
byte[] createdBytes = Encoding.UTF8.GetBytes(XmlConvert.ToString(created.ToUniversalTime(), “yyyy-MM-ddTHH:mm:ss.fffZ”));

Once I made the fix I was able to validate the Password digest (i.e. “xkmd5cSn0qLDCgKPglXq973Do+Y=”). Anybody who uses SoapUI for testing may come across this issue on a side note I am not sure if this would be an issue when testing from other tools. For troubleshooting this issue I’ve used WCF trace logs and noticed an inner-exception “Invalid password.”

Thanks Zulfiqar for your sample as it works great.

]]> Comment on Using Simple Web Token (SWT) with WIF by Part 1: Protecting an ASP.net Web API hosted on Azure with OAuth Simple Web Tokens using the Access Control Service – Server Side - AfricaApps - Site Home - MSDN Blogs http://zamd.net/2011/02/08/using-simple-web-token-swt-with-wif/#comment-712 Thu, 04 Apr 2013 15:36:59 +0000 https://zuahmed.wordpress.com/2011/02/08/using-simple-web-token-swt-with-wif/#comment-712 [...] http://zamd.net/2011/02/08/using-simple-web-token-swt-with-wif/http://netfx.codeplex.com/ [...]

]]> Comment on Configuring SAML Assertion Subject Name and Format for a WIF STS by WIF and nameidentifier format | Peter's ruminations http://zamd.net/2010/04/27/configuring-saml-assertion-subject-name-and-format-for-a-wif-sts/#comment-708 Wed, 03 Apr 2013 06:26:30 +0000 https://zuahmed.wordpress.com/2010/04/27/configuring-saml-assertion-subject-name-and-format-for-a-wif-sts/#comment-708 [...] http://zamd.net/2010/04/27/configuring-saml-assertion-subject-name-and-format-for-a-wif-sts/ [...]

]]> Comment on Deploying Umbraco to Windows Azure by zamd http://zamd.net/2012/01/27/deploying-umbraco-to-windows-azure/#comment-706 Tue, 02 Apr 2013 19:01:28 +0000 https://zuahmed.wordpress.com/?p=372#comment-706 Hi Kristan, yes it’s the backend I meant.

]]> Comment on Federating Office 365 (Azure Active Directory) with a Custom STS by zamd http://zamd.net/2013/02/08/federating-a-custom-sts-with-office-365-azure-active-directory/#comment-705 Tue, 02 Apr 2013 18:59:03 +0000 https://zuahmed.wordpress.com/?p=453#comment-705 Hi Andreas, This error means you don’t have Azure AD configured as a relying part in your IdentityServer.

]]>