Introduction to Claims-Based Programming and the Geneva Framework

For years, Windows has supported a rich, built-in authentication and authorization framework. If you can assume clients will have a Windows account, you can rely on Windows integrated authentication to validate client identity, and use impersonation, ACLs, and role-based security to authorize access to resources. But that model only works if all of your users have Active Directory accounts in a trusted domain. It's difficult to turn one of these applications to face the Internet to support remote employees, partners, and so on. This talk will introduce you to a new model for identity, which allows you to factor authentication and many authorization decisions out of your applications and into a central identity service. This model makes it much easier to achieve Internet-friendly single sign on. It also makes it easier for your application to receive richer identity information, and paves the way for identity federation, should you ever need to integrate with another organization or another platform (Java, for example). In this talk, you'll be introduced to the Geneva Framework as the new API for building claims-aware applications.

This video is recorded at the Dutch DevDays in Den Haag The Netherlands in June 2009. DevDays is the largest industry event for developers in the Netherlands. Thousands of professional developers visit DevDays yearly to keep in touch with the latest developments in their field.