you, yourself and internet
DESCRIPTION
Identity management in 21st century is not an easy task - neither for user, nor for developers.TRANSCRIPT
ABOUT ME
• Windows Azure MVP (3 times now)
• With Azure from the beginninghttp://blogs.staykov.net/@astaykov
AGENDA
What has changed ? Small story Terminology Windows Azure Active
Directory & Access Control Service
Demos
IDENTITY
ASP.NET Membership Provider
ASP.NET OAuth WIF OWIN
WHAT HAS CHANGED?
SMALL STORY
THE STORY
USER PERCEPTIONS
Create an account 3 out of 4 customers avoid this
Information accuracy 76 % have given incomplete / incorrect
Password reset 45% admin to leave the site
Create account 24% of online shoppers abandon the site
User loyalty 55% are likely to return
IN REAL LIFE
IT’S ALL ABOUT CLAIMS
CLAIMS
ClaimSecurity Token (SAML, SWT, JWT)Security Token Service (STS) Identity providerFederation Provider
TERMINOLOGY
SSI (Single Sign In)SSO (Single Sign-Out or Single Sign-On)
Identity Management*
SCENARIOS Global app
Windows Azure*
CLAIMS-BASED IDENTITYClaims
Active DirectoryFederation Services 2/3Windows Server RoleAn STS for ADWS-Federation, WS-Trust, SAML
WIF PIPELINE FOR ASP.NET
FAM SAM CAMRedirectToken handlingClaims filtering
Session Claims-BasedAuthorization
Windows Azure
Claims
WINDOWS AZURE ACTIVE DIRECTORY ACCESS
CONTROL
AUTHENTICATING USERS FROM WEB AND SOCIAL PROVIDERS
Sign-up and claims enrichment
Windows Azure*
ACCESS CONTROL SERVICE – BUILDING BLOCKS
ACS Namespace
IdentityProviders
RelyingParty
Applications
RuleGroups
Service Identities
KEY TAKEAWAYS
Claims will get the job done! Use Federated Authentication It is way easier than managing
password hashes It is FREE!
DEMOSGet cracking some code!