{"id":252,"date":"2013-02-18T21:09:00","date_gmt":"2013-02-19T06:09:00","guid":{"rendered":"http:\/\/www.cloudidentity.com\/blog\/2013\/02\/18\/microsoft-asp-net-tools-for-windows-azure-active-directory-visual-studio-2012-4\/"},"modified":"2013-03-14T15:50:47","modified_gmt":"2013-03-15T00:50:47","slug":"microsoft-asp-net-tools-for-windows-azure-active-directory-visual-studio-2012-4","status":"publish","type":"post","link":"https:\/\/www.cloudidentity.com\/blog\/2013\/02\/18\/microsoft-asp-net-tools-for-windows-azure-active-directory-visual-studio-2012-4\/","title":{"rendered":"Microsoft ASP.NET Tools for Windows Azure Active Directory \u2013 Visual Studio 2012"},"content":{"rendered":"<p>If you guys had a chance of seeing <a href=\"http:\/\/channel9.msdn.com\/Events\/Build\/2012\/3-042\">the Windows Azure AD session<\/a> at \/\/BUILD, or more recently at <a href=\"http:\/\/channel9.msdn.com\/Events\/Patterns-Practices-Symposium-Online\/pattern-practices-symposium-2013\/Windows-Azure-Active-Directory\">the P&amp;P Symposium<\/a>, you already know that the previews of ASP.NET Tools Fall update included a feature to easily configure a Web application to use Windows Azure AD; it is what added the &ldquo;Enable Windows Azure Authentication&rdquo; menu entry in the project explorer&rsquo;s context menu.<\/p>\n<p>Today <a href=\"http:\/\/weblogs.asp.net\/scottgu\/archive\/2013\/02\/18\/announcing-release-of-asp-net-and-web-tools-2012-2-update.aspx\">Scott Guthrie announced<\/a> the RTM of the <a href=\"http:\/\/go.microsoft.com\/fwlink\/?LinkId=282650\">ASP.NET and Web Tools 2012.2 Update<\/a>. However, Windows Azure AD is still in preview mode: hence, the associated feature was extracted from the main install and repackaged in its own tool, still in preview. In the process the feature acquired its own name: allow me to introduce the <a href=\"http:\/\/go.microsoft.com\/fwlink\/?LinkID=282306\"><strong>Microsoft ASP.NET Tools for Windows Azure Active Directory &ndash; Visual Studio 2012<\/strong><\/a>.<\/p>\n<p>You can find the MSI for Visual Studio 2012 <a href=\"http:\/\/go.microsoft.com\/fwlink\/?LinkID=282306\">here<\/a>; the MSI for the express SKUs is <a href=\"http:\/\/go.microsoft.com\/fwlink\/?LinkId=282652\">here<\/a>.<\/p>\n<p>Important:&nbsp;before installing&nbsp;the ASP.NET Tools for Windows Azure Active Directory&nbsp;you do need to install the&nbsp;<a href=\"http:\/\/go.microsoft.com\/fwlink\/?LinkId=282650\">ASP.NET and Web Tools 2012.2 Update<\/a>. Thanks to Magnus for suggesting this clarification!<\/p>\n<h1>New in this release<\/h1>\n<p>This release has a couple of differences from the last preview.<\/p>\n<p>The most visible difference is in the location of the menu entry which activates the feature. Whereas the earlier previews placed it in the context menu of the solution explorer, the latest preview offers it under the Project menu.<\/p>\n<p><a href=\"http:\/\/cloudidentity.com\/blog\/wp-content\/uploads\/2013\/02\/0636.image_5F00_794464C9.png\"><img loading=\"lazy\" decoding=\"async\" title=\"image\" src=\"http:\/\/cloudidentity.com\/blog\/wp-content\/uploads\/2013\/02\/0636.image_5F00_794464C9.png\" alt=\"image\" width=\"661\" height=\"786\" border=\"0\" \/><\/a><\/p>\n<p>The other differences are mostly invisible, unless you open the autogenerated web.config and take a look at the code emitted. <br \/>The most notable difference is that the tool now uses the <a href=\"http:\/\/blogs.msdn.com\/b\/vbertocci\/archive\/2013\/02\/08\/multitenant-sts-and-token-validation.aspx\">ValidatingIssuerNameRegistry<\/a>, as I somewhat anticipated <a href=\"http:\/\/blogs.msdn.com\/b\/vbertocci\/archive\/2013\/02\/08\/multitenant-sts-and-token-validation.aspx\">here<\/a>. Below there&rsquo;s an example of what the tool generates against my test tenant:<\/p>\n<pre class=\"csharpcode\"><span class=\"kwrd\">&lt;<\/span><span class=\"html\">issuerNameRegistry<\/span> <\/pre>\n<pre class=\"csharpcode\"><span class=\"attr\">type<\/span><span class=\"kwrd\">=\"System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry\"<\/span><span class=\"kwrd\">&gt;<\/span>\r\n   <span class=\"kwrd\">&lt;<\/span><span class=\"html\">authority<\/span> <span class=\"attr\">name<\/span><span class=\"kwrd\">=\"treyresearch1.onmicrosoft.com\"<\/span><span class=\"kwrd\">&gt;<\/span>\r\n     <span class=\"kwrd\">&lt;<\/span><span class=\"html\">keys<\/span><span class=\"kwrd\">&gt;<\/span>\r\n        <span class=\"kwrd\">&lt;<\/span><span class=\"html\">add<\/span> <span class=\"attr\">thumbprint<\/span><span class=\"kwrd\">=\"3464C5BDD2BE7F2B6112E2F08E9C0024E33D9FE0\"<\/span> <span class=\"kwrd\">\/&gt;<\/span>\r\n     <span class=\"kwrd\">&lt;\/<\/span><span class=\"html\">keys<\/span><span class=\"kwrd\">&gt;<\/span>\r\n     <span class=\"kwrd\">&lt;<\/span><span class=\"html\">validIssuers<\/span><span class=\"kwrd\">&gt;<\/span>\r\n       <span class=\"kwrd\">&lt;<\/span><span class=\"html\">add<\/span> <span class=\"attr\">name<\/span><span class=\"kwrd\">=\"https:\/\/sts.windows.net\/929bfe53-8d2d-4d9e-a94d-dd3c121183b4\/\"<\/span> <span class=\"kwrd\">\/&gt;<\/span>\r\n     <span class=\"kwrd\">&lt;\/<\/span><span class=\"html\">validIssuers<\/span><span class=\"kwrd\">&gt;<\/span>  \r\n    <span class=\"kwrd\">&lt;\/<\/span><span class=\"html\">authority<\/span><span class=\"kwrd\">&gt;<\/span>\r\n<span class=\"kwrd\">&lt;\/<\/span><span class=\"html\">issuerNameRegistry<\/span><span class=\"kwrd\">&gt;<\/span><\/pre>\n<p>The other difference is that there is no longer any mapping code for the Name claim, given that <a href=\"http:\/\/blogs.msdn.com\/b\/vbertocci\/archive\/2013\/02\/13\/the-name-claim-sometimes-it-s-the-simple-things.aspx\">now AAD emits a Name claim that WIF automatically picks up<\/a>.<\/p>\n<p>There are some other differences in the Publish user experience, but in the default case (the developer is also a directory tenant admin) the flow is really unchanged. I am told that the documentation of the tool will be updated soon: there you&rsquo;ll find all the details in a thorough walkthrough, hence I won&rsquo;t duplicate content here. I&rsquo;ll update with a link as soon as I get it.<\/p>\n<p>If you want to experience the preview of Windows Azure AD for Web SSO, there is no simpler way than through the <a href=\"http:\/\/go.microsoft.com\/fwlink\/?LinkID=282306\"><strong>Microsoft ASP.NET Tools for Windows Azure Active Directory<\/strong><\/a>. Go get it!!! <img decoding=\"async\" class=\"wlEmoticon wlEmoticon-smile\" src=\"http:\/\/cloudidentity.com\/blog\/wp-content\/uploads\/2013\/02\/4314.wlEmoticon_2D00_smile_5F00_751A256C.png\" alt=\"Smile\" \/><\/p>\n<div style=\"clear:both\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>If you guys had a chance of seeing the Windows Azure AD session at \/\/BUILD, or more recently at the P&amp;P Symposium, you already know that the previews of ASP.NET Tools Fall update included a feature to easily configure a Web application to use Windows Azure AD; it is what added the &ldquo;Enable&#8230;<\/p>\n","protected":false},"author":1,"featured_media":1305,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"footnotes":""},"categories":[5,6,12],"tags":[],"class_list":["post-252","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-wif","category-windows-azure","category-windows-azure-active-directory"],"_links":{"self":[{"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/posts\/252","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/comments?post=252"}],"version-history":[{"count":2,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/posts\/252\/revisions"}],"predecessor-version":[{"id":834,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/posts\/252\/revisions\/834"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/media\/1305"}],"wp:attachment":[{"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/media?parent=252"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/categories?post=252"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/tags?post=252"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}