At last! A comprehensive guide to understanding how claims-based identity works and how you can use it in these scenarios:
- Web Single-Sign On
- Web Services
- Federation with Multiple Partners
- Windows Azure
Claims-based identity means controlling the digital experience and the use of digital resources based on things that one party says about another.
A party can be a person, organization, government, Web site, Web service, or even a device. The very simplest example of a claim is something that a party says about itself.
A big part of an architect’s job is to guide developers on how to handle authentication. Developers have many technologies to choose from: Windows Integrated Authentication, SAML, LDAP, and X.509 are just a few.
The security architect is responsible for writing detailed implementation guidance on when and how to use all of them.
The true purpose of the forthcoming Windows Identity Foundation is to render these technology decisions trivial. Architects will no longer need to create complex guidelines for authentication.
Check out this blog post by Eugenio Pace that helps you navigate this great new online resource: http://blogs.msdn.com/eugeniop/archive/2010/01/29/just-released-claims-identity-guide-online.aspx