If you guys had a chance of seeing the Windows Azure AD session at //BUILD, or more recently at the P&P Symposium, you already know that the previews of ASP.NET Tools Fall update included a feature to easily configure a Web application to use Windows Azure AD; it is what added the “Enable Windows Azure Authentication” menu entry in the project explorer’s context menu.

Today Scott Guthrie announced the RTM of the ASP.NET and Web Tools 2012.2 Update. However, Windows Azure AD is still in preview mode: hence, the associated feature was extracted from the main install and repackaged in its own tool, still in preview. In the process the feature acquired its own name: allow me to introduce the Microsoft ASP.NET Tools for Windows Azure Active Directory – Visual Studio 2012.

You can find the MSI for Visual Studio 2012 here; the MSI for the express SKUs is here.

Important: before installing the ASP.NET Tools for Windows Azure Active Directory you do need to install the ASP.NET and Web Tools 2012.2 Update. Thanks to Magnus for suggesting this clarification!

New in this release

This release has a couple of differences from the last preview.

The most visible difference is in the location of the menu entry which activates the feature. Whereas the earlier previews placed it in the context menu of the solution explorer, the latest preview offers it under the Project menu.

image

The other differences are mostly invisible, unless you open the autogenerated web.config and take a look at the code emitted.
The most notable difference is that the tool now uses the ValidatingIssuerNameRegistry, as I somewhat anticipated here. Below there’s an example of what the tool generates against my test tenant:

<issuerNameRegistry 
type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry">
   <authority name="treyresearch1.onmicrosoft.com">
     <keys>
        <add thumbprint="3464C5BDD2BE7F2B6112E2F08E9C0024E33D9FE0" />
     </keys>
     <validIssuers>
       <add name="https://sts.windows.net/929bfe53-8d2d-4d9e-a94d-dd3c121183b4/" />
     </validIssuers>  
    </authority>
</issuerNameRegistry>

The other difference is that there is no longer any mapping code for the Name claim, given that now AAD emits a Name claim that WIF automatically picks up.

There are some other differences in the Publish user experience, but in the default case (the developer is also a directory tenant admin) the flow is really unchanged. I am told that the documentation of the tool will be updated soon: there you’ll find all the details in a thorough walkthrough, hence I won’t duplicate content here. I’ll update with a link as soon as I get it.

If you want to experience the preview of Windows Azure AD for Web SSO, there is no simpler way than through the Microsoft ASP.NET Tools for Windows Azure Active Directory. Go get it!!! Smile

 

3 Responses to Microsoft ASP.NET Tools for Windows Azure Active Directory – Visual Studio 2012

  1. [...] you played with our dev preview, for example with the ASP.NET tool for Windows Azure AD, you are already familiar with this screen: it’s the sign in page for Windows Azure AD. I have a [...]

  2. [...] I’ve been struggling with this one now for a good week or so. I need to connect via Azure (not ACS, the Active Authentication Provider) up to Office 365. Literally the only way I’ve seen to do this seamlessly is using a tool named “Windows Azure Active Directory Authentication Tools for Visual Studio 2012″ – as seen in http://www.cloudidentity.com/blog/2013/02/18/microsoft-asp-net-tools-for-windows-azure-active-direct…. [...]

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>