Access Control Service Step-by-Step in Windows Azure Platform
In this article, we would see some step by step to create Access Control Service in Windows Azure Platform. Well Access Control Service is an identity provider to authenticate your applications.
To know ACS (Access Control Service) in more details follow the article on MSDN: Click Here
You need to browse to Windows Azure Platform.
You would be asked for Microsoft Account authentication (aka Live ID). After you login, you would land up in the home page of azure portal.
As you see in the above image, the Home is selected by default. Now in this step select “Service Bus, Access Control & Caching”.
When you select this, the portal would look like this.
As you see in the above image; the “Access Control” from the Services group is selected. So by selecting “Access Control”, we could get options to manage ACSs.
In this step we could create a new “Service Namespace”.
You need to click on the new button.
On click of new, the “Create new Service Namespace” dialog pops up.
In this step, we would fill out the required information to be provided to create a service namespace.
Now after providing the properties of the namespace, you could click “Create Namespace” to create.
It would take a while to make the namespace active. You must be seeing something as follows.
The state of the namespace would be active after a while.
Now select the namespace you would like to use. Click on the “Access Control Service” button under “Manage Access Control” group.
You would be navigated to the access control service page. In our case, for dpatra-test1 namespace it would navigate to the following.
As we are in the access control service page, we need to do 3 basic things here.
As you see above, the above 3 links are present in the first group “Trust Relationships”. If we are first time to this namespace, then we need to go step by step.
In this step, we would assign “Identity Providers”. Click on “Identity Providers” button.
As you see above, Windows Live ID is already added as one of the Identity Providers. Also, you could see, two buttons “Add” and “Delete”; so at any point of time, we could add or delete Identity Providers.
In this step we would add an Identity Provider. Click on the Add button as mentioned above.
As you see, we have two types of custom Identity Provider, such as “WS-Federation identity provider” and “Facebook application”.
And also two of the preconfigured identity provider; such as “Google”, and “Yahoo!”.
We can add any of these, in this example we would add “Google”.
In this step we would select the “Google” Identity Provider and click on the “Next” button.
As you see above, you can configure the Identity Provider, with the above settings. This would be reflected in the Login page.
Click on save to add to the Identity Providers. As soon as you saves the settings, it would be added to the Identity Providers. As following.
In this step we would add relying party applications. Just click on “Relying party applications” under “Trust relationships” group header.
You would land up in the “Relying Party Applications” page.
As you see in the above step, the relying party application has not yet configured. So click on the “Add” button. You would land up in “Add Relying Party Application” page.
We would fill up the required settings. Some of the settings are mentioned below; else we can keep the default settings.
As you see, we have only changed the above 3 settings.
Click on “Save” to save the page settings. It would be added to the “Relying party applications”.
You can manage the “Relying party applications” at any point of time; using the “Add” and “Delete” features.
In this step, we would define rule group to pass Identity Provider authentication. Click on the “Rule groups” link.
You would land in the default “Rule Groups” page.
As you see in above image, a default rule group is added. Also we could manage the rule groups at any point of time by clicking on the buttons “Add” and “Delete”.
However, in this case; we would not add anything.
In this step; click on the default rule group.
As you see in above image, a warning is displayed.
Click on Generate to generate the rules automatically.
It would give you options to select the Identity Providers for generating rules.
Make your selection and click on Generate. You would land up in the following page.
Well, we are successfully created a access control service.
You could always check the application integration by clicking on the “Application integration” link under “Development”.
You could see a page displaying Login page, SDKs and documentation, and Endpoint references.
Hope this article helps. Thanks for reading.
Tryout my Codeplex Projects: