As I had written in an earlier post, here is a video where I show Windows Identity Foundation and Windows Azure Access Control Service. In this example I show the following: I create a website from scratch and add a test identity provider (Add STS Reference) Something fails on me with certificates and I do a bit of... read more
During the last couple of years we have helped companies deploy federated identity solutions using the WS-Fed and SAML2 protocols with products like ADFS and SiteMinder on various platforms. Claims-based identity has many benefits, but like every solution it has its downsides. One of them is the additional complexity of troubleshooting issues if something goes wrong, especially... read more
If you want to achieve a login user experience like the one shown in the following screenshot, then keep reading… Windows Azure AppFabric Access Control 2.0 was released last week after one year in the Labs environment and it was officially announced today at MIX. If you haven’t heard about it yet, here is... read more
A year ago I wrote a blog post about how to use the Windows Identity Foundation with OpenID. Essentially the idea was writing an STS that can speak both protocols, WS-Federation and OpenID, so your apps can keep using WIF as the claims framework, no matter what your Identity Provider is. WS-Fed == enterprise, OpenID... read more
Travis wrote an interesting blog post about mixing the new dynamic feature in C# 4 and claims. His idea was to use a User class derived from DynamicObject as a proxy to get claims. Here is some of the code he shows: var claims = new[] { new Claim("foo", "3"), new Claim("foo_bar",... read more
I’ve seen a few questions on identity federation with SharePoint before, so I thought about sharing this more broadly. I recorded a 9-minute screencast showing the capabilities of ADFSv2 + SharePoint 2010. This is using Microsoft STS, LiveID and our own company STS allowing the following use cases: Manage access to employees that belong to... read more
I found myself posting more on Twitter than on my blog. However, this deserved a post. The RTM of the guide is finally out there in PDF version. Book content online on MSDN. Book PDF download Final samples download Discuss at Codeplex Looking at my name on the cover of a book together with such a... read more
Wow, 3 months since my last post… Lots of things happened. We’ve been working with James Conard’s team from Microsoft DPE on the PDC09 keynote demos, specifically the Platform Converge demo (Doug Pourdy) and the VS2010, AppFabric, NET4, WIF demo (by Cameron Skinner, read more in his post). We also helped deliver the training kits... read more
Eugenio announced yesterday the kickoff of a new guide from patterns & practices in which I’m collaborating: Claims based Authentication & Authorization Guide. This is not a new topic as Eugenio suggests in his blog, but it’s getting more and more attention because: Technology is more mature, hence it’s easier to implement claim-based identity Enterprises... read more
I’ve been doing some tests to get a token from ADFS (Geneva Server) using Windows Identity Foundation WSTrustClient. In this case we are using the UserNameMixed endpoint that expects a WS-Security UsernameToken (notice the MessageCredentialType.UserName). internal static ClaimsIdentityCollection RequestTokenWithUsernameMixed() { var binding = new WS2007HttpBinding(SecurityMode.TransportWithMessageCredential, false); binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName; binding.Security.Message.EstablishSecurityContext = false; var credentials =... read more