Forums

Not answered Using Sitefinity in Conjunction with WIF

Feed from this thread

Keith Beckman
Posted on Sep 13, 2010 (permalink)
I was wondering if anyone on the Telerik team or the community had any experience using Sitefinity in a site that is secured using claims-based authentication in Windows Identity Foundation. My experience with Sitefinity other than this forum post is extremely limited so I'm hoping that I'm giving enough detail here. Here's some high-technical details about how the site, its physical folder structure and our WIF considerations:

--http://<domain>/<site_root> All pages and Sitefinity dynamic content in this directory should be unsecured allowing for anonymous access.
--http://<domain>/<site_root>/shoppingcart is a sub-folder off the parent application that we want to completely secure.
--http://<domain>/<site_root>/developer is a sub-folder off the parent application that we want to secure, but allow the dynamic Sitefinity content to be unsecured...

Windows Identity Foundation allows for some very specific configuration to allow access to particular folders using tags such as the following:
```
<location path="FederationMetadata">		
    <system.web>			
        <authorization>				
            <allow users="*" />
        </authorization>		
    </system.web>	
</location>	
```
This works very well for static content in your ASP.NET application, however the dynamic Sitefinity content is unable to be configured this way... Those resources simply assume the same type of security access that is assigned to the folder in which it's served from. In other words, all of the dynamic content in our developer folder is secured and we would prefer only the static .aspx files be secured.

Is there some other configuration that might work? We've tried multiple configurations for this... We've place the <microsoft.identityModel> (WIF) configuration at the site root level and then removed it to try and secure each of the folders with their own config file with <microsoft.identityModel> sections. I'm hoping that someone on the Telerik team can provide some best practice approaches for this type of thing since federated security and WIF are technologies that are quickly gaining momentum...

Thanks in advance for your help.
Reply

Ivan Dimitrov Ivan Dimitrov

Posted on Sep 14, 2010 (permalink)

Hi Keith Beckman,

You could create a Claims for entities in the file system and this should allow dynamic requests. Another option is restricting all file resources by using authorization allow Element to allow access to a resource.

Kind regards,
Ivan Dimitrov
the Telerik team

Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Reply

Steve

Posted on Nov 29, 2010 (permalink)

Continuing this this thought. Is there a way to configure Sitefinity to use Azure Access Controls as the identity provider?

Reply

Ivan Dimitrov Ivan Dimitrov

Posted on Dec 3, 2010 (permalink)

Hi Steve,

We do not support Azure officially in Sitefinity 3.x and 4.0 and we have not tested setting Azure controls. Most probably we will spend some time on this after the official release of Sitefinity 4.0.
Sitefinity 3.x will not have an official support on Azure.

Best wishes,
Ivan Dimitrov
the Telerik team

Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Reply

Forums

Not answered Using Sitefinity in Conjunction with WIF

DevTools for .NET

Kendo UI

Test Studio

Sitefinity

TeamPulse

Call us

Anonymous

About Telerik