Security for Silverlight – Part 1 of many - Introduction
Federated Scenarios - Windows Phone 7, WCF, and Azure This is a big deal
|
Confusing Territory
|
Hide the complexity of using various identity providers You have two main approaches you can take
|
My Goal
|
Big Picture
Take the scenario belowThe point here is that although I want to access “https://brunoterkaly.com” I first need to get a token. Tokens are provided by an STS. Once I have that token, I can then access “https://brunoterkaly.com” using the token. With that token I have certain “claims” I can make, which is to say I can access only specific parts of “https://brunoterkaly.com”I will explain access to the “AuthenticationServices.svc” and “BrunoServices.svc” later. |
What is STS?
|
It is about a security gateway
|
The STS is built upon the WS-Trust Specification
|
The tokens previously discussed are SAML Tokens
|
SAML, Identity Providers, Service Providers, Principals
|
Is this post helping?
|
To be continued…