Windows Identity Foundation (WIF), Microsoft's framework for integrating claims-based authentication into applications, is now part of the .NET Framework. It was originally released in November 2009 as a standalone product.
WIF was created to simplify access control and authentication, and to enable single sign-on across multiple applications using claims-based security tokens. It includes Visual Studio templates for building WCF web services and ASP.NET websites, as well as ASP.NET sign-on controls. WIF also makes it possible to build custom security token services (STS) that support either the WS-Federation or WS-Trust protocols. The available STS providers are the built-in Local Development STS, an ADFS2 business provider, or a Windows Azure Access Control Service.
The move to .NET Framework integration brings several changes:
- The Windows Communication Foundation (WCF) claims model is deprecated in favor of the WIF model.
- All the classes in Microsoft.IdentityModel are moved into the appropriate .NET assemblies. mscorlib now contains the main claim classes: Claim, ClaimsIdentity, ClaimsPrincipal, ClaimTypes, and ClaimValueTypes.
- All principal classes (WindowsPrincipal, RolePrincipal, GenericPrincipal) are able to serve claims.
- There is a new Visual Studio extension called Identity and Access Tool for connecting to an STS. The "Add STS Reference..." command no longer exists.
- LocalSTS (for testing) is new in Visual Studio 2012.
- WIF sample projects and tools are available from the Visual Studio Gallery.
For more details and an extensive list of available WIF sample projects, visit Vittorio Bertocci's blog.