Thursday, May 9, 2013

Part-1: Setting up Windows Azure Active Directory

To authenticate users of an ASP.NET application, we can set up Windows Azure Active Directory (WAAD), which Microsoft released recently. Users then have to log in before they can start any operation in the application.

To set up WAAD, we need a Windows Azure subscription. With an active subscription, follow the steps below to set it up for your ASP.NET application.

Create Windows Azure Active Directory:

If you have not created a WAAD yet, you can create a new one by clicking the “Active Directory” tab on the left-hand side of the Windows Azure management portal.


Then click the “Create your directory” link within it to open the “Create Directory” window.


Domain Name: This field is the part of the directory tenant domain name that is specific to your tenant and distinguishes it from every other directory tenant. The domain name must be unique.

Country or Region: The value selected in this dropdown will determine where your tenant will be created.

Organization Name: This field is required; the name is displayed as the company name wherever required.

Manage users in WAAD:

Once WAAD is created, you will see it under the “Directory” tab. We are going to add a user as “Global Administrator”. We can also add normal users.


We can add more users to the directory by clicking the “ADD USER” link at the bottom of the window.


When you click “ADD USER”, a new screen appears. Enter the details and click Next.


On the next screen we create the user as “Global Administrator”; we can also create a normal “User”. Ideally we don't need a “Global Administrator”; we need this user only when we have to perform some operation on WAAD using PowerShell.


Finally, click “Create” to create the new user in WAAD.


Add integrated application:

To add users we worked on the “USERS” tab; to add an application we will work on the “INTEGRATED APPS” tab.

On the integrated apps tab, you will find an “ADD” button at the bottom of the screen.

Click the “ADD” button.


On the next screen, enter the app name and choose “Single Sign-On”. Here SSO means that this application will use only the Single Sign-On feature of WAAD.

Click the Next button.


On the next screen, you will be asked for the APP URL and the APP ID URI.

“APP URL” should be the address of the web application you want to integrate with WAAD.

“APP ID URI” is a unique identifier that distinguishes each of your applications in your WAAD. It is good practice to keep it the same as “APP URL”.


Before we start the integration, note that the application we have just created is displayed as a new entry under the “INTEGRATED APPS” tab.

When you click the newly created app, the configuration window for the integrated app opens. In the section “Enable single sign-on with Windows Azure AD”, make a note of the FEDERATION METADATA DOCUMENT URL.


We will need this URL to integrate WAAD single sign-on with our ASP.NET application.
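As an added example (not part of the original post or of Microsoft's tooling), the Python code below parses a WS-Federation metadata document of the kind served at that URL and extracts what the relying application ends up trusting: the issuer, the SHA-1 thumbprint of each signing certificate, and the sign-in endpoint, which it requires to be HTTPS. The sample document is constructed and trimmed, with placeholder tenant and host names and arbitrary bytes in place of a real certificate; `summarize_metadata` is a hypothetical helper name.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "fed": "http://docs.oasis-open.org/wsfed/federation/200706",
      "wsa": "http://www.w3.org/2005/08/addressing",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: placeholder tenant and hosts; the certificate value is
# arbitrary bytes standing in for the DER-encoded signing certificate.
SAMPLE_CERT_B64 = base64.b64encode(b"constructed-placeholder-certificate").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706"
    entityID="https://sts.example.invalid/TENANT-ID-PLACEHOLDER/">
  <RoleDescriptor xsi:type="fed:SecurityTokenServiceType">
    <KeyDescriptor use="signing">
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <X509Data><X509Certificate>{SAMPLE_CERT_B64}</X509Certificate></X509Data>
      </KeyInfo>
    </KeyDescriptor>
    <fed:PassiveRequestorEndpoint>
      <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
        <Address>https://login.example.invalid/TENANT-ID-PLACEHOLDER/wsfed</Address>
      </EndpointReference>
    </fed:PassiveRequestorEndpoint>
  </RoleDescriptor>
</EntityDescriptor>"""

def summarize_metadata(xml_text):
    """Return issuer, signing-certificate thumbprints and sign-in endpoints."""
    root = ET.fromstring(xml_text)
    issuer = root.get("entityID")
    thumbprints = []
    for cert in root.findall(".//md:KeyDescriptor[@use='signing']//ds:X509Certificate", NS):
        der = base64.b64decode("".join(cert.text.split()))
        thumbprints.append(hashlib.sha1(der).hexdigest().upper())
    endpoints = [a.text.strip() for a in
                 root.findall(".//fed:PassiveRequestorEndpoint//wsa:Address", NS)]
    if not issuer or not thumbprints:
        raise ValueError("metadata lacks an entityID or a signing certificate")
    bad = [e for e in endpoints if urlparse(e).scheme != "https"]
    if bad:
        raise ValueError(f"non-HTTPS sign-in endpoint: {bad}")
    return {"issuer": issuer, "thumbprints": thumbprints, "endpoints": endpoints}
```

Recording the thumbprints when the trust is first configured gives you a baseline to compare against whenever the metadata is refreshed.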

At this point we have completed all the configuration that needs to be done on WAAD, and we are ready to integrate WAAD into our ASP.NET application.

For more detail, see http://msdn.microsoft.com/library/windowsazure/dn151790.aspx