Claims Identity Guide–Hands On Labs

Training content based on our guides has been as popular as the content itself. You can now download the “Release Candidate” for labs corresponding to the new guide. The labs are more than just a mirror of the guide. We took the opportunity of adding a few things that complement and extend what is explained…

1

Authentication in WP7 client with REST Services–Part I

In the last drop, we included a sample that demonstrates how to secure a REST web service with ACS, and a client calling that service running in a different security realm: In this case, ACS is the bridge between the WS-Trust/SAML world (Litware in the diagram) and the REST/SWT side (Adatum’s a-Order app) This is…

2

Web Single Sign Out–Part II

  Following up on previous post, there were 2 questions: Where do these green checks images come from? There are nowhere in a-Order or in a-Expense… you would spend hours looking for the PNG, or JPG or GIF and you will never find it, because it is very well concealed. Can you guess where it…

0

ACS as a Federation Provider – Claims transformation

To work properly, a-Order needs a number of claims to be supplied: User name Organization Role The "Organization” claim is used to filter orders belonging to a specific customer of Adatum. For example, Litware users (like Rick) will eventually end up with a token containing a claim with “Organization=Litware”. All this is done in step…

0

ACS as a Federation Provider – A little bit deeper into the sample (Home Realm Discovery)

Updates: fixed typos. Clarified how Home Realm Discovery works in this example.   In the previous post, I introduced the basic scenario of using ACS as a federation provider for Adatum (in addition to the one they already have). In this post, I’ll show you more details on how this works, based on the sample…

2

Access Control Service as a Federation Provider

The first scenario we are working is using ACS as a federation provider. This is an extension of the current chapter on Federation. The basic scenario is the following: Adatum has an Order processing app (a-Order) that is already claims enabled. Adatum wants their partners to be able to access a-Order with their own identity…

3

Our next project – Claims based Identity and Access Control

Not surprisingly maybe, security in general, and authentication & authorization in particular, is a consistently highly rated concern for our customers. These concerns are especially elevated  with those considering the cloud, because they don’t have as much control on the cloud as they would typically have in their own datacenters. Sometimes, one could argue, for…

0

A year’s balance–next project

A little bit late for a year balance since the year has already started, or so I’m told. Anyway, as we prepare for the next project, I reflected on my team’s work for the last 18 months. 18 months is more than a year, so you might wonder why am I doing a year balance…

0