Claims-Aware WCF Service

In Visual Studio, open the File menu and select New, Web Site. Select Claims-Aware WCF Service.

If you look at your web.config file, you’ll see a number of differences from the web.config for a typical WCF service.

The assemblies element now includes the WIF assembly:

	Copy Code
<add assembly="Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>

The services element contains a new service:

	Copy Code
<service name="ClaimsAwareService1.Service" behaviorConfiguration="ClaimsAwareService1.ServiceBehavior">

The services element also contains a new endpoint:

	Copy Code
<endpoint address="" binding="wsHttpBinding" contract="ClaimsAwareService1.IService">

The serviceBehavior element contains a new service behavior:

	Copy Code
<behaviors> <serviceBehaviors> <behavior name="ClaimsAwareService1.ServiceBehavior" > <!-- Behavior extension to make the service claims aware --> <federatedServiceHostConfiguration/> <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment --> <serviceMetadata httpGetEnabled="true"/> <!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information --> <serviceDebug includeExceptionDetailInFaults="false"/> </behavior> </serviceBehaviors> </behaviors>

Copy Code

<behaviors>
	<serviceBehaviors>
		<behavior name="ClaimsAwareService1.ServiceBehavior" > 
		<!-- Behavior extension to make the service claims aware -->
		<federatedServiceHostConfiguration/>
		<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
		<serviceMetadata  httpGetEnabled="true"/>
		<!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
		<serviceDebug includeExceptionDetailInFaults="false"/>
		</behavior>
	</serviceBehaviors>
</behaviors>

Finally, an extensions element is added to the system.serviceModel element:

	Copy Code
<extensions> <behaviorExtensions> <!-- This behavior extension will enable the service host to be Claims aware --> <add name="federatedServiceHostConfiguration" type="Microsoft.IdentityModel.Configuration.ConfigureServiceHostBehaviorExtensionElement, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/> </behaviorExtensions> </extensions>

Copy Code

<extensions> 
	<behaviorExtensions>
	<!-- This behavior extension will enable the service host to be Claims aware -->
		<add name="federatedServiceHostConfiguration" type="Microsoft.IdentityModel.Configuration.ConfigureServiceHostBehaviorExtensionElement, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
	</behaviorExtensions>
</extensions>

You can now use FedUtil to access the current user’s claims through IClaimsPrincipal. For more information, see How to: Build a WCF Relying Party Application.