Skip to main content

Posts

Showing posts from August, 2012

Running WIF Relying parties in Windows Azure

I am coping this blog from another blog here. Copying it here just to make sure I can find it in the future. My Azure app had this issue and this fixed the problem.  When running in a multi server environment like windows azure it is required to make sure the cookies generated by WIF are encrypted with the same pair of keys so all servers can open them. Encrypt cookies using RSAIn Windows Azure, the default cookie encryption mechanism (which uses DPAPI) is not appropriate because each instance has a different key. This would mean that a cookie created by one web role instance would not be readable by another web role instance. This could lead to service failures effectively causing denial of the service. To solve this problem you should use a cookie encryption mechanism that uses a key shared by all the web role instances. The following code written to global.asax shows how to replace the default SessionSecurityHandler object and configure it to use the RsaEncryptionCookieTransform c…