StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
17933646
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
1
CommunityOwnedDate
CreationDate
2013-07-29T20:32:29.343
FavoriteCount
0
LastActivityDate
2013-07-29T20:38:09.193
LastEditDate
2013-07-29T20:38:09.193
LastEditorUserId
607970
OwnerUserId
607970
ParentId
17929921
PostTypeId
2
Score
1
ViewCount
0
LastEditorDisplayName
text
Body
Windows Azure Active Directory is a good option for single sign-on, but it does not have to be used with ACS, as can be seen here <a href="http://msdn.microsoft.com/en-us/library/windowsazure/dn151790.aspx#BKMK_Connecting" rel="nofollow">http://msdn.microsoft.com/en-us/library/windowsazure/dn151790.aspx#BKMK_Connecting</a> The advantages of ACS are that <ol> <li>It can be used to perform claims transformation without having to write any code (e.g. in a custom ClaimsAuthenticationManager). You will not be able to handle complex transformations, but simple ones are fine.</li> <li>It can provide federation with multiple identity providers, so if you users would rather use Facebook, instead of your WAAD, it is more flexible.</li> </ol> However, on the down side <ol> <li>It is more complex to configure and is another moving part in your solution that can go wrong</li> <li>ACS namespaces are tied to a single Azure region so a failure in a data centre will be harder to recover from</li> </ol> I had to use ACS with WAAD in a previous application I worked on because (for some reason) the <a href="http://msdn.microsoft.com/en-us/library/dd470175%28v=vs.108%29.aspx" rel="nofollow">ASP.Net MVC anti-forgery protection</a> relies on a claim of type <pre><code>http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider </code></pre> which is not issued by WAAD. I used a simple claim transformation rule in ACS to transform the WAAD issued claim of type <pre><code>http://schemas.microsoft.com/identity/claims/identityprovider </code></pre> into an equivalent claim of type <pre><code>http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider </code></pre> This was the only way I could think of to fix my issue at the time so it made it worth using ACS in my case. I never found out whether you could do this purely with WAAD (maybe using the graph API) because of time pressures on the project at the time. In answer to the extra question in your comment, there is no way to replace the sign-on page if you are using WS-Federation or OAuth 2. A crucial point of those approaches is that the user only enters their credentials into the (trusted) UI provided by the identity provider. I think you can replace the image with one of your own though. Maybe you could gather the users credentials with your own UI and get a token using the WS-Trust endpoint, but this would not give you genuine web SSO in the sense that the sign-in session would not be automatically flowed between your different web applications.
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POWindows Azure ACS with Active Directory as identity provider for SSO
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USMike Goodwin
UserOwnerUserId
1. USMike Goodwin
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. POWindows Azure ACS with Active Directory as identity provider for SSO
 singulars
 PostTypePostTypeId
 PTQuestion
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTAcceptedByOriginator
2. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. COThanks Mike for valuable input!!!
 singulars
 PostPostId
 PO
 UserUserId
 USsaransh77

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.