Login/Register
Can you have both client certificate security and service identity authentication in azure acs
Asked Answered
wcfsecurityazurecertificateacs
L

1

7

We have a WCF service which requires a token supplied by azure's acs service and acs is configured to use the in built service identities for authentication.

Can we also only allow access to this service via client certificate authentication (so only clients that have the certificate installed can call the service) but also provide the user name and password to provide to the acs service to get the tokens provided by the acs service to establish claims for the services (and eventually for others users)

Or is it one or the other?

We will also be using https for the service eventually in case this makes a difference.

Lifeblood answered 23/1, 2013 at 21:9 Comment(0)
F
1

You should be able to do this by setting up multiple service identities in ACS one for username&password and one for certificate.

References:

http://msdn.microsoft.com/en-us/library/windowsazure/gg185924.aspx

http://msdn.microsoft.com/en-us/library/windowsazure/hh289316.aspx

http://msdn.microsoft.com/en-us/library/windowsazure/gg185954.aspx

Forsta answered 26/1, 2013 at 3:12 Comment(2)
Thanks @Imtiaz, I've not read all the links yet (but will) but I think what you are saying is the we can have different identities use different techniques at the same time. Maybe the question wasn't clear but I want to know if this is possibly AT THE SAME TIME for the SAME USER, so we have both certificate authentication on the communication with the service and still get given the SAML tokens by acs. Apologies if the links confirm that, but your answer implies otherwiseLifeblood
Yes, you should be able to provide multiple client authentication options for the same user using multiple service identities in ACSForsta

© 2022 - 2024 — McMap. All rights reserved.