Windows Identity Foundation

This session provides a light introduction to claims-based identity: the problems it solves, the canonical authentication scenario, key concepts and terminology.The main Windows Identity Foundation API surface for non-security developers is introduced.

In this session you will learn about the difference between IP-STS and FP-STS and how to choose where to put STSes in your architecture. You will learn about federation, home realm discovery and how to leverage the WIF extensibility model in order to handle multiple identity providers.

The second lab of the workshop explores some of the patterns discussed in the former section. One lab demonstrates how a generic web site can be enhanced with identity provider capabilities regardless of the authentication technology it uses, simply by adding an STS page. Another lab shows how to…

Join Nate and Nick each week as they cover Windows Azure. You can follow and interact with the show at @CloudCoverShow. In this episode Nick and Nate are joined by Vittorio Bertocci who tells us all about Windows Azure Active Directory, demonstrates the Graph API…

The first lab of the workshop offers an overview of what can be achieved when using WIF with Web sites: authentication externalization, integration with IsInRole and ASP.NET authorization, customization of the application via claims, claims-based authorization.This video introduces the viewer…

This session explores in depth how WIF tackles the sign-in scenario.After a general intro to the WIF configuration element, the session describes how WS-Federation is used for driving the various browser redirects which ultimately constitute the sign in experience. Most of the time is spent digging…

When it comes to identity management intensive applications, it's hard to top Sharepoint. Whether you are signing in a portal, accessing a document or using a webpart for reaching out to external web services, your identity is going to be the factor that drives it all.Vittorio went to…

This short session explores the architectural implications of using claims for authorization purposes

This session describes in detail the difference between passive and active scenarios, specifically around the confirmation method for toekns (bearer vs. holder-of-key).The WIF object model and WCF integration are discussed, with special attention to similarities to what has been seen for the ASP.NET…

This lab explores the idea of delegated service call via ActAs tokens: the exercise from the Web sites lab shows how to do that from an ASP.NET to a WCF backend, while the one from the WCF lab focuses on flowing identity info through a chain of services calls.The first exercise of the WCF lab does…