Claims Identity Guide–Hands On Labs

Training content based on our guides has been as popular as the content itself. You can now download the “Release Candidate” for labs corresponding to the new guide. The labs are more than just a mirror of the guide. We took the opportunity of adding a few things that complement and extend what is explained…

1

Authentication in WP7 client with REST Services–Part II

In the previous post I covered the “semi-passive” way for authentication between a Windows Phone 7 client and a REST service. This post completes the information with the “active” way. There’s nothing unexpected here really: We call the Identity Provider using a RequestSecurityToken message (RST) We send the SAML token to ACS and get a…

0

Authentication in WP7 client with REST Services–Part I

In the last drop, we included a sample that demonstrates how to secure a REST web service with ACS, and a client calling that service running in a different security realm: In this case, ACS is the bridge between the WS-Trust/SAML world (Litware in the diagram) and the REST/SWT side (Adatum’s a-Order app) This is…

2

Drop #2 of Claims Identity Guide on CodePlex

Second drop of samples and draft chapters is now available on CodePlex. Highlights: All 3 samples for ACS v2: ("ACS as a Federation Provider", "ACS as a FP with Multiple Business Partners" and "ACS and REST endpoints"). These samples extend all the original "Federation samples" in the guide with new capabilities (e.g. protocol transition, REST…

0

SaaSGrid and Identity

Apprenda’s SaaSGrid is now “claims enabled”!  This is fantastic news. Any SG customer can now enjoy the benefits of claims based identity: simpler user management, easy federation with business partners, support for multiple identity providers, greater interoperability, etc. SG support for claims based identity maps nicely with what’s described in the “Claims Identity Guide –…

0

Single Sign Out–WebSSO

While reviewing all the existing samples we’ve noticed that our implementation of Single Sign Out was kind of….weak.  It wasn’t really fully implemented and wasn’t very clear what was happening either (or what it should happen) We’ve fixed all that now in scenario 1: WebSSO. Things get more complicated when more than 1 STS is…

0

ACS as a Federation Provider – Claims transformation

To work properly, a-Order needs a number of claims to be supplied: User name Organization Role The "Organization” claim is used to filter orders belonging to a specific customer of Adatum. For example, Litware users (like Rick) will eventually end up with a token containing a claim with “Organization=Litware”. All this is done in step…

0

Access Control Service as a Federation Provider

The first scenario we are working is using ACS as a federation provider. This is an extension of the current chapter on Federation. The basic scenario is the following: Adatum has an Order processing app (a-Order) that is already claims enabled. Adatum wants their partners to be able to access a-Order with their own identity…

3

Our next project – Claims based Identity and Access Control

Not surprisingly maybe, security in general, and authentication & authorization in particular, is a consistently highly rated concern for our customers. These concerns are especially elevated  with those considering the cloud, because they don’t have as much control on the cloud as they would typically have in their own datacenters. Sometimes, one could argue, for…

0

Claims Identity Guide samples updated

I’ve just uploaded to CodePlex updated samples for the Claims based Identity Guide. This have all been adapted to work on Visual Studio 2010, .NET 4.0 and MVC 2.0. See here for downloading the bits. From the release notes:                                    Required configuration changes for IIS, DevFabric and Windows Azure Both solutions 1-SingleSignOn and 5-WindowsAzure involve the…

0