Tag Archives: Security

Installing the Windows Identity Foundation (WIF) SDK

WIF gives you the ability to develop claims-based applications and separate or externalize the authentication of users from your application.  It is a better separation of concerns for the application and gives you more capability for creating a secure application that accesses local or web (cloud) services.

Features you can add to your app using WIF

  • Authentication
  • Personalization
  • Federation
  • Identity Delegation
  • Single Sign On (SSO)

Supported OS Bases

  • Windows 2008 Server SP2
  • Windows 2008 Server R2
  • Windows 7
  • Windows Server 2003 SP2
  • Windows Vista

Development Framework Versions

  • .NET 3.5 SP1
  • .NET 4.0

Installation (Step 1)

To develop using the WIF SDK you will first need the Windows Identity Foundation run-time installed on your machine.  Obviously, this suggests that you will need to install this runtime on any machine that is providing WIF-based services.  You will also need IIS as well.

When I went to do the installs I realized that they were in separate places and have different requirements based on the OS that you are using.  Hopefully, the information I have below will organize that a little better so you can just go get what you need and not have to weed through a bunch of “use this here” and “use that there” statements across multiple pages.

One side note.  The reason I started down this path is that I wanted to work with some sample code that a colleague gave me using WIF.  In the application there in a reference to “Microsoft.IdentityModel.dll”.  My search for that assembly led me here.  So, if you’re looking for that assembly, you’ve now found it.

WIF Runtime Installation Downloads

OS Look here for installation download
Vista / W2K8 Server Windows6.0-KB974405-x64 or x86.msu
Windows 7 / W2K8 R2 Windows6.1-KB974405-x64 or x86.msu
W2K3 Server SP2 Windows5.2-KB974405-x64 or x86.exe

WIF SDK Downloads

Runtime Installation

 

It will call this installation the “Update for Windows (KB974405)”

image

Accept the license terms to continue…

image

It will then do the installation…

image

And complete…It only took about a minute on my x64 laptop.

image

SDK Installation

image

Slightly different license acceptance screen…

image

Where do you want the files…

image

Are you sure…

image

Install…

image

Done.  This install took significantly longer than the runtime – around 5 minutes.

image

iPhone 3.1 OS Update Kills Exchange eMail

Ever since July 2008, Apple has been reporting that it’s iPhone has supported on-device encryption.  Users have been happy because of this report.  Enterprises have been happy because of this report.  Unfortunately, a report is all that it was.  The device reported that it provided the feature but it didn’t actually do it.  Well, now that the update to the operating system has been made that now enforces the requirement for on-device encryption the older devices fail the policy requirement

Policy Requirement

and your Exchange-based email won’t work.

The options:

Option 1: Buy a new device.  3GS devices seem to work.  Hmmm, I thought the S in 3GS was for Speed not “fixing unenforced Security holes”.  This option sounds a little costly since you may not be able to upgrade with a provider plan and could have to pay full price for the new phone.  Either way, you have to shell out some cabbage.

Option 2: Turn off the Exchange security requirement.  Wait a moment, to use an Apple product, you need to shut off security?  Seems to me that Apple has been strutting around touting how insecure everyone else is.  They don’t really go out of their way to say how secure they are. No, it’s more of a “try to insinuate that the other guy isn’t so you look like you are”.  Just a marketing tactic.  Kind of like the way-overused phrase: “IT’S REVOLUTIONARY!”.  So much crap.

Personally, I hate my phone.  It’s not the iPhone but that’s not why I hate it.  It’s the Samsung Epix with a touch screen and a goofy, shiny, black pad that works as a tiny little mouse pad.  I thought it would be much more useful but alas, it is not.  However, even with this lame phone, I can still get to my email. Ha.