How to add an OpenID provider (like Hyves) to the Azure Active Directory
- If not done already, install Windows Azure PowerShell
- Install the Azure cmdlets
- Start Windows Azure PowerShell with administrator privileges
- Enter this command: Set-ExecutionPolicy RemoteSigned
- Select Yes to change the execution policy
- Configure the Windows Azure connection with your PC through commands in PowerShell
- add-pssnapin WAPPSCmdlets
- An Internet Explorer window starts a download of the publish settings (you might need to sign in)
- Import-AzurePublishSettingsFile <mysetting>.publishsettings
- (if needed set the default subscription)
- $mySubID = "<subscriptionID>"
- (a subscriptionID looks like: 6a5225e2-4cbb-423e-8a23-1fd1b92243c5)
- $certThumbprint = "<Thumbprint>"
- $myCert = Get-Item cert:\CurrentUser\My\$certThumbprint
- $mySubName = "<SubscriptionName>"
- Set-AzureSubscription -SubscriptionName $mySubName -Certificate $myCert -SubscriptionID $mySubID
- Select-AzureSubscription -SubscriptionName $mySubName
- Add-IdentityProvider -Namespace "<YOUR Azure AD NAMESPACE>" -ManagementKey "<YOUR MANAGEMENTKEY>" -Type "Manual" -Name "Hyves" -Protocol OpenId -SignInAddress https://openid.hyves-api.nl
- Add-Rule -ManagementKey "<YOUR MANAGEMENTKEY>" -GroupName "<RULEGROUPNAME>" -IdentityProviderName "Hyves" -Namespace "<YOUR NAMESPACE e.g. gupsi01>"
You're all set
I’ve made an MVC 4 app targeting .NET 4.5. I’ve used the Access and Identity tool to create authentication in my app and read the terrific book “Programming Windows Identity Foundation” by Vittorio Bertocci. I chose to generate a controller in my project to handle the authentication experience, as described in Vittorio Bertocci’s blog.
After clicking the button, which should (when authenticated) link to a protected page, the list of identity providers should appear. Well, a page appears, but not the list of identity providers.
What I did to debug this issue was go to the AccountController's Authenticate action and set a breakpoint where the MetaDataScript value was set. I ran the app and, at the breakpoint, added a watch on the MetaDataScript value. I copied this value into Internet Explorer and ... a detailed error appeared and I could solve this instantly.
My problem was that I did not have the correct relying party defined in the Azure management portal. The error was: ACS50001: Relying party with identifier ‘Home/Login/’ was not found.
When running my MVC 4 app, I got the error: Error 500 – Internal server error.
Fiddler didn’t show any extra information, nor did disabling the Internet Explorer option “Show friendly HTTP error messages”, as suggested, give any more information.
After some searching it became clear that the error was in the web.config file. I had made an <appSettings> appear twice in the web.config. That is not OK and a 500 error is thrown.
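A quick way to spot this mistake before deploying, as an added example that is not part of the original post: the function below lists every element that occurs more than once directly under <configuration>. The function name Get-DuplicateConfigSection and the sample web.config content are assumptions constructed for illustration.

```powershell
# Constructed sample reproducing the mistake: <appSettings> defined twice.
$sample = @'
<?xml version="1.0"?>
<configuration>
  <appSettings>
    <add key="webpages:Version" value="2.0.0.0" />
  </appSettings>
  <system.web>
    <compilation targetFramework="4.5" />
  </system.web>
  <appSettings>
    <add key="ida:FederationMetadataLocation" value="https://example.invalid/metadata" />
  </appSettings>
</configuration>
'@

# Hypothetical helper: reports elements repeated directly under <configuration>.
function Get-DuplicateConfigSection {
    param([Parameter(Mandatory = $true)][string]$Xml)

    $doc = New-Object System.Xml.XmlDocument
    # LoadXml throws on malformed XML, which surfaces that problem as well.
    $doc.LoadXml($Xml)

    # SelectNodes('*') returns only the element children of the root.
    # <location> is skipped because it is designed to appear several times.
    # get_LocalName() is called explicitly so that a child element or
    # attribute with the same name cannot shadow the .NET property.
    $doc.DocumentElement.SelectNodes('*') |
        Where-Object { $_.get_LocalName() -ne 'location' } |
        Group-Object { $_.get_LocalName() } |
        Where-Object { $_.Count -gt 1 } |
        ForEach-Object {
            New-Object psobject -Property @{ Section = $_.Name; Count = $_.Count }
        }
}

# Run against the constructed sample.
Get-DuplicateConfigSection -Xml $sample

# For a real file:
# Get-DuplicateConfigSection -Xml (Get-Content .\web.config -Raw)
```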
After reading Orchard CMS I thought it would be possible to run Orchard on .NET 4.5 Windows Server 2012. These are the steps for running Orchard CMS on Windows Azure Server 2012 .NET 4.5
Although running Orchard on .NET 4.5 is not supported, I did not run into any problems after making some modifications to the Orchard project. So here we go:
Running Orchard CMS on Windows Azure Server 2012 .NET 4.5
Set the target to .NET 4.5 Framework
- Open Orchard.Azure.sln in Visual Studio 2012
- right-click the Orchard.Azure.Web project
- select properties
- go to the Application tab
- select “.NET Framework 4.5” in “Target Framework”
- click YES on the Target Framework Change
- Repeat these steps for Orchard.Azure project
Set target to Windows Server 2012
Set the osFamily parameter in ServiceConfiguration.cscfg in Orchard.Azure.CloudService to 3 (=Windows Server 2012)
Upgrade the Windows Azure SDK to 1.8
- Install the Windows Azure SDK 1.8 using the Web Platform installer
- In Visual Studio 2012 right-click Orchard.Azure.CloudService
- select properties
- select the Application tab
- click the upgrade button
- wait for the upgrade to finish
You have now upgraded the tools, but not all references are set correctly, so we are going to fix that:
- go to the Orchard.Azure project in the Orchard.Azure solution
- delete the reference
- Add the reference again, but now the files from version 1.8 that are in C:\Program Files\Microsoft SDKs\Windows Azure\.NET SDK\2012-10\ref
- go to the Orchard.Azure.Web project in the Orchard.Azure solution
- Check if these refer to: C:\Program Files\Microsoft SDKs\Windows Azure\.NET SDK\2012-10\ref
- If not: delete the reference and add the reference again, but now the files from version 1.8 that are in C:\Program Files\Microsoft SDKs\Windows Azure\.NET SDK\2012-10\ref
Now you have a working Orchard 1.6 CMS that is able to run on Azure’s Windows Server 2012 and .NET 4.5 using the latest Azure SDK.
Unfortunately I’m missing “Choose how to handle unauthenticated requests” option in Identity and Access tools Configuration Tab.
I am trying to add an ACS to my MVC4 Orchard project. I’ve installed the Identity and Access Tool. After right-clicking my project I select ‘Identity and Access’. The Identity and Access popup shows.
There should be this option. See Vittorio’s blog, but it is missing.
You can find this information here.