Yossi Dahan [BizTalk]


Tuesday, November 04, 2008

From "Zermatt" to the "Geneva Framework"

I have already mentioned that Zermatt has been renamed as the "Geneva Framework", which makes total sense.

At PDC, Microsoft have released a new download for the "Geneva Framework", which I have downloaded today to check some of my code against.

While not at all an extensive list, here are the changes I had to make to my code to get it to work with the updated framework:

On the STS:

  • The SecureTokenService class, which is the base class for any STS implementation, has moved to the main Microsoft.IdentityModel namespace (it formerly existed under its own namespace, Microsoft.IdentityModel.Service).
  • The GetScope method of the SecureTokenService is now marked as abstract and so has to be implemented (I believe it previously was not abstract, so a base implementation could have been used, either directly or indirectly through an overriding method).
  • ClaimsPrincipal no longer has a 'Current' property; you can get the claims principal from an IClaimsPrincipal instance using the CreateFromPrincipal method, or from an IIdentity instance using the CreateFromIdentity method.
  • GetOutputSubjects has been renamed to GetOutputClaimsIdentity; the order of the parameters has changed a bit (but otherwise remained the same), and the return value is now IClaimsIdentity and not ClaimsIdentityCollection (which, again, makes perfect sense).
  • In the STS service configuration I have changed the bindings from wsHttpBinding to ws2007HttpBinding and the STS contract from IWSTrustFeb2005SyncContract to IWSTrust13SyncContract.

On the RP:

  • ExtensibleServiceCredentials, which is used to configure the RP's host to use the Geneva Framework, is now called FederatedServiceCredentials.
  • To get the list of claims in the RP you no longer use something like "(IClaimsIdentity)ClaimsPrincipal.Current.Identity;" but instead check the CurrentPrincipal of the current thread and take its identity: "IClaimsIdentity identity = Thread.CurrentPrincipal.Identity as IClaimsIdentity;". The "as" cast yields null when the identity is not claims-based, so check for null before reading the claims.



  • Hi, I am working on Geneva Framework also facing some issues...I tried to find out email address of Geneva Team but couldn't. Found your blog so posting a question here.

    Question: It is mentioned in the Documentation that in WSFederationAuthenticationModule_SessionSecurityTokenCreated event you can modify the Session Token and that will be saved in the cookie with the modified values.

    But when I fetch the information of Session token in
    SessionAuthenticationModule_SessionSecurityTokenReceived, the changes are not visible.

    It seems that in the SessionSecurityTokenCreated event changes are not stored in the cookie.

    Could you please provide some help on this.


    By Blogger Ashwani, at 13/11/2008, 03:40  

  • Hi Ashwani

    I have not yet tried what you are doing, so I'm afraid I can't help you.

    However - the best place to ask Geneva-related questions is in the Geneva forum.

    By Blogger Yossi Dahan, at 13/11/2008, 08:31  
