In this scenario, you use the WIF Visual Studio templates and FedUtil to create an ASP.NET Web site that lets you access the current user’s claims through IClaimsPrincipal. The way this works is that FedUtil adds the ClaimsPrincipalHttpModule to your project. The module lets you convert the current user’s IPrincipal object to an IClaimsPrincipal object.

Note:
You must run Visual Studio in Elevated mode for FedUtil to work correctly.

In Visual Studio, create a Claims-Aware ASP.NET Web Site as shown in Claims-Aware ASP.NET Web Site.

Next, right-click on your project in the Solution Explorer and select Add STS Reference:



This runs the FedUtil tool. You’ll see the FedUtil dialog box, beginning with the Welcome to Federation Utility tool page:



This page requires you to enter two fields:

  1. Application configuration location: Specify the path to the web.config file for your ASP.NET Web site. If you run FedUtil from outside Visual Studio, this field is empty. If you run FedUtil from inside Visual Studio, this field already contains the path to the web.config file for your project. The web.config file must already exist and should be in its default state (that is, as it was generated by Visual Studio). If you run FedUtil more than once on the same web.config file, FedUtil simply overwrites the content that it adds to the web.config file.

  2. Application URI: Specify the URI for your ASP.NET Web site. If you run FedUtil from outside Visual Studio, this field is empty. If you run FedUtil from inside Visual Studio, this field already contains two URIs for your project: one that uses localhost, and one that uses the fully qualified domain name for your computer, if available. If the URI is not secure (that is, does not begin with “https://”), you receive a warning when you click Next.

When you have provided the information, click Next. You’ll see the Security Token Service page:



Select No STS and click Next. You’ll see the Summary page:



Click Finish.

Now open your default.aspx.cs file and note the first two lines of the Page_Load method:

  Copy Code
IClaimsPrincipal claimsPrincipal = Page.User as IClaimsPrincipal;
IClaimsIdentity claimsIdentity = ( IClaimsIdentity )claimsPrincipal.Identity;

The remaining code simply lists the claims for the current user and their values.