Windows Identity Foundation

The last session of the training covers the use of WIF in Windows Azure. After a quick introduction to Windows Azure and the infrastructural differences between web roles and on-premises deployment, the session provides practical advices on aspects of distributed development such as handling NLB…

This lab explores the idea of delegated service call via ActAs tokens: the exercise from the Web sites lab shows how to do that from an ASP.NET to a WCF backend, while the one from the WCF lab focuses on flowing identity info through a chain of services calls.The first exercise of the WCF lab does…

This session describes in detail the difference between passive and active scenarios, specifically around the confirmation method for toekns (bearer vs. holder-of-key).The WIF object model and WCF integration are discussed, with special attention to similarities to what has been seen for the ASP.NET…

This session explores in depth how WIF tackles the sign-in scenario.After a general intro to the WIF configuration element, the session describes how WS-Federation is used for driving the various browser redirects which ultimately constitute the sign in experience. Most of the time is spent digging…

The second lab of the workshop explores some of the patterns discussed in the former section. One lab demonstrates how a generic web site can be enhanced with identity provider capabilities regardless of the authentication technology it uses, simply by adding an STS page. Another lab shows how to…

This short session explores the architectural implications of using claims for authorization purposes

In this session you will learn about the difference between IP-STS and FP-STS and how to choose where to put STSes in your architecture. You will learn about federation, home realm discovery and how to leverage the WIF extensibility model in order to handle multiple identity providers.

The first lab of the workshop offers an overview of what can be achieved when using WIF with Web sites: authentication externalization, integration with IsInRole and ASP.NET authorization, customization of the application via claims, claims-based authorization.This video introduces the viewer…

This session provides a light introduction to claims-based identity: the problems it solves, the canonical authentication scenario, key concepts and terminology.The main Windows Identity Foundation API surface for non-security developers is introduced.

Jared Bienz talked with Donny Conway from Jack Henry and Associates, Inc. at a recent Microsoft event in Redmond, WA. Jack Henry focuses on the financial industry such as banking and credit union software. Jack Henry has been working extensively with WPF and Silverlight as well as…