Exploring Dynamic Access Control Part 4 – Central Access Rules

In this series I have looked at how we secure and classify resources (such as Files and Folders) with Dynamic Access Control with the claims of users and devices accessing them. In the previous post I looked at Resource Properties and User/Device Claims. In this post I will be bringing these concepts together with Central Access Rules. Fitting everything together As we have…


Exploring Dynamic Access Control Part 3 – Properties and Claims

In the previous post I looked at Classifying resources. In this post I will be looking at setting up custom Properties to use on those resources and claims for users and devices. Resource Properties Now we will go a little deeper into the Resource Properties (i.e. the items we can classify resources with). Inside…


Exploring Dynamic Access Control Part 2 - Classification

Dynamic Access Control is a way for you to secure your resources (such as files and folders) without having to manage groups or user lists. In the previous post I looked at the basics of Dynamic Access Control. In this post I will be looking at Classification of resources. Classification You may have also noticed…


Exploring Dynamic Access Control Part 1 – Getting Started

This is the first post in a series of 4 covering Dynamic Access Control. In this post I am going to be looking at the Dynamic Access Control features of Windows Server 2012 and Windows 8. Dynamic Access Control is a way for you to secure your resources (such as files and folders) without having…


Access to an ASP.NET website via multiple authentications

Background Is it possible to secure a website using Windows Identity Foundation (WIF) without interfering with an existing authentication method? e.g. – Could a website secured using an ASP.NET membership provider, with all the code and configuration that entails, be layered with additional code and configuration to allow a precursory authentication with a trusted Identity…


Handling optional claims with the ADFS Claims Rule Language

It is a perfectly normal scenario for claims to be optional in a token. For example, a SAML assertion may contain the mandatory claims: http://www.contoso.com/claims/givenname, http://www.contoso.com/claims/surname and optionally the claim: http://www.contoso.com/claims/dateofbirth. The ADFS Claims Rule Language is designed to allow claims from incoming tokens to be used to query data stores for additional claims. At…