I found myself posting more on Twitter than my blog. However, this deserved a post. The RTM of the guide is finally out there in PDF version.
Book content online on MSDN.
Book PDF download
Final samples download
Discuss at CodePlex
Looking at my name on the cover of a book together with such a...
Eugenio announced yesterday the kickoff of a new guide from patterns & practices in which I’m collaborating: Claims based Authentication & Authorization Guide. This is not a new topic as Eugenio suggests in his blog, but it’s getting more and more attention because: Technology is more mature, hence it’s easier to implement claim-based identity Enterprises...
I’ve been doing some tests to get a token from ADFS (Geneva Server) using Windows Identity Foundation WSTrustClient. In this case we are using the UserNameMixed endpoint that expects a WS-Security UsernameToken (notice the MessageCredentialType.UserName).

    internal static ClaimsIdentityCollection RequestTokenWithUsernameMixed()
    {
        var binding = new WS2007HttpBinding(SecurityMode.TransportWithMessageCredential, false);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        binding.Security.Message.EstablishSecurityContext = false;
        var credentials =...
In my last post I talked about an identity roadmap and how we are helping companies to achieve Level 1: Externalizing Authentication. In this first level, we only care about checking the credentials of a user in a Security Token Service and issuing a token with a couple of claims. That token will be enough...
The following table shows an analogy of identity concepts between a single application and a federated application. The single app has its own identity silo and the federated app relies on an STS (like Geneva Server). I find this analogy useful to explain how things differ from the non-federated, non-claim-based world.
A couple of months ago, Ezequiel posted a summary of a very interesting article published in the Identity issue of the Architecture Journal. This article talked about different patterns in the federated identity world. Last week we had an interesting requirement to solve in a project and this article came to my mind. Specifically, one of...