All Will Be Revealed: ~7 Hours Recordings from the WIF Workshops

As promised, the recordings of the main sessions of the latest WIF Workshop are now available  on Channel9!

The course starts from the very high level intro you’ve seen various times, and progresses into the deepest WIF training content we’ve ever published (that is, until this bad boy will be finally on the shelves).

In a short you can expect to see a new version of the Identity Developer Training Kit, which will include the slides used during the class and embedded players pointing to those very videos: together with the usual labs, that will truly be an event-in-a-box package you’ll be able to use if you want to redeliver a WIF workshop in your area!

WIF Workshop 1: Introduction to Claims-Based Identity and WIF

This session provides a light introduction to claims-based identity: the problems it solves, the canonical authentication scenario, key concepts and terminology. The main Windows Identity Foundation API surface for non-security developers is introduced.

 

 

WIF Workshop 2: Lab on Basic Web Sites

The first lab of the workshop offers an overview of what can be achieved when using WIF with Web sites: authentication externalization, integration with IsInRole and ASP.NET authorization, customization of the application via claims, claims-based authorization. This video introduces the viewer to the lab format and gives some advices about lab execution.

 

 

WIF Workshop 3: Scenarios and Architecture I

In this session you will learn about the difference between IP-STS and FP-STS and how to choose where to put STSes in your architecture. You will learn about federation, home realm discovery and how to leverage the WIF extensibility model in order to handle multiple identity providers.

 

 

WIF Workshop 4: Scenarios and Architecture II

This short session explores the architectural implications of using claims for authorization purposes

 

 

WIF Workshop 5: Lab about Web Sites and STS

The second lab of the workshop explores some of the patterns discussed in the former section. One lab demonstrates how a generic web site can be enhanced with identity provider capabilities regardless of the authentication technology it uses, simply by adding an STS page. Another lab shows how to use an existing membership store for authenticating calls to a custom STS and sourcing claim values.

 

 

WIF Workshop 6: WIF ASP.NET Pipeline and Extensibility Points

This session explores in depth how WIF tackles the sign-in scenario. After a general intro to the WIF configuration element, the session describes how WS-Federation is used for driving the various browser redirects which ultimately constitute the sign in experience. Most of the time is spent digging deep in how WIF leverages the ASP.NET HttpModule extensibility mechanism and its own classes & events for implementing the sign-in sequence.

 

 

WIF Workshop 7: WIF and WCF

This session describes in detail the difference between passive and active scenarios, specifically around the confirmation method for toekns (bearer vs. holder-of-key). The WIF object model and WCF integration are discussed, with special attention to similarities to what has been seen for the ASP.NET case and differences with the traditional, WCF-only programming model. The notion of trusted subsystem is explored at lenght, providing the backdrop for the introduction to WSTrustChannel, CreateChannelActingAs and CreateChannelWithIssuedToken.

 

 

WIF Workshop 8: Lab about WIF and WCF

This lab explores the idea of delegated service call via ActAs tokens: the exercise from the Web sites lab shows how to do that from an ASP.NET to a WCF backend, while the one from the WCF lab focuses on flowing identity info through a chain of services calls. The first exercise of the WCF lab does not use an STS for authentication. It uses username & password credentials, and is designed to highlight the differences between the old WCF-only model and the enhanced model offered by WIF.

 

 

WIF Workshop 9: WIF and Windows Azure

The last session of the training covers the use of WIF in Windows Azure. After a quick introduction to Windows Azure and the infrastructural differences between web roles and on-premises deployment, the session provides practical advices on aspects of distributed development such as handling NLB sessions, certificate management, dealing with volatile application URI, handling tracing, metadata generation considerations, and so on. The discussion covers both Web roles and WCF roles.

 

 

WIF Workshop 10: Lab about WIF and Windows Azure

The last lab of the workshop covers the use of WIF on Windows Azure, demonstrating in practice how to cope with NLB sessions, volatile application URI, dynamic configuration, metadata generation, tracing and so on.