Windows Identity Foundation
Windows Identity Foundation (WIF) is a Microsoft software framework for building identity-aware applications. It provides APIs for building ASP.NET or WCF based security token services as well as tools for building claims-aware and federation capable applications.
Windows Identity Foundation is supported on IIS 6/Windows Server 2003, IIS 7/Windows Vista, Windows Server 2008 and Windows 7. Version 1.0 shipped as a standalone product, but the product is now included as a part of Microsoft .NET Framework v4.5.
WIF has the following major features:
- It allows developers to build claims-aware applications by providing a set of application programming interfaces (APIs) that help developers write code to make access decisions to applications based on claims.
- It provides templates to help developers get started building claims-aware applications.
- It provides utilities that facilitate creation of a trust relationship between a claims-aware application (sometimes referred to as a Relying Party application, or RP), and a Security Token Service (STS).
- It provides a set of ASP.NET controls that help developers create web pages in claims-aware applications.
- It includes a utility that helps developers translate between claims and NT tokens, so that claims-aware applications can be used to access resources that require NT-Token based identity.
- It includes functionality that allows identities to be maintained across multiple service boundaries, and allows delegation of claims.
- It provides tools to help developers build custom security token services using ASP.NET or WCF.
||This section possibly contains original research. (November 2012) (Learn how and when to remove this template message)|
|This section does not cite any sources. (November 2012) (Learn how and when to remove this template message)|
The Microsoft documentation can mislead readers into thinking that WIF allows only the following types of claims-aware applications to be constructed: ASP.NET web applications and WCF service applications. This is not the case. Claims-aware Windows client applications can be built as well as any other type of custom claims-aware application. The misunderstanding arises from the fact that the security token service (STS) built using WIF can only be an ASP.NET application or WCF service application.