MSDN Windows Azure webcast series, 8/11-9/15
Fabrikam Jets - Integrating Codename "Dallas" with AppFabric Access Control
Play Fabrikam Jets - Integrating Codename "Dallas" with AppFabric Access Control
Description
This screencast shows how AppFabric Access Control (AC) can be used to provide identity
federation, trust delegation, service authorization and integration with Active
Directory Federation Services (ADFS), to control access to services based on
Windows Azure.
In the demo, Fabrikam Jets uses the Dallas Portal, AC and ADFS to grant employees of Contoso Marketing access to Microsoft Codename "Dallas" at Fabrikam's expense, using Windows authentication, without exposing Fabrikam's Dallas account keys. It also shows how Fabrikam can revoke the privilege later.
The source code for this example is now available soon on this MSDN Code Gallery page.
Note: The example has been updated to work with the V1 version of AppFabric Access Control. There were two changes from the CTP version to V1 that made the update necessary: 1) V1 uses version 0.9 of the WRAP protocol, instead of version 0.8, and 2) the issuer name generated by V1 is the base URI of the STS endpoint for the service namespace, instead of the full URI. The screen cast has not yet been updated, and still shows the user providing the full URI of the STS endpoint as the key description, rather than the base URI. In all other respects, however, it remains accurate.
In the demo, Fabrikam Jets uses the Dallas Portal, AC and ADFS to grant employees of Contoso Marketing access to Microsoft Codename "Dallas" at Fabrikam's expense, using Windows authentication, without exposing Fabrikam's Dallas account keys. It also shows how Fabrikam can revoke the privilege later.
The source code for this example is now available soon on this MSDN Code Gallery page.
Note: The example has been updated to work with the V1 version of AppFabric Access Control. There were two changes from the CTP version to V1 that made the update necessary: 1) V1 uses version 0.9 of the WRAP protocol, instead of version 0.8, and 2) the issuer name generated by V1 is the base URI of the STS endpoint for the service namespace, instead of the full URI. The screen cast has not yet been updated, and still shows the user providing the full URI of the STS endpoint as the key description, rather than the base URI. In all other respects, however, it remains accurate.
Download
Right click or Alt+Enter to download this episode
- High Quality WMV (18.5 MB)
- MP3 (2.8 MB)
- Low Quality MP4 (19.8 MB)
- Mid Quality WMV (22.4 MB)
The Discussion
-
JackGr The example is publicly available, and can be used with any AC service namespace. The FabrikamJets service namespace used in the screen cast remains private, however, in the interest of preserving the behavior shown in the screen cast for the benefit of those who are interested in learning about it.
-
kempes796 buenos dias
solicito el favor y me envies unos videos de c# estoy empezando a aprender a programar en este lenguaje y necesito de toda la ayuda posible para aprender
Related episodes
3: Azure Mobile Services, Part 3: Implementing Single Sign-On
Identity 201: Cloud Identity for Developers
Edge Show 85 - Windows Azure Active Directory Premium Demo
Edge Show 82 New Microsoft Rights Management
Special Movember Episode - ASP.NET Authentication using ASP.NET Identity
Edge Show 76 - Windows Azure MFA
The Access Control Service 2.0 Ships!
Aaron Smalser on the ACS 2.0 Portal and HDR Features
Justin Smith on the Release of Access Control Service 2.0
