1 / 49

Using Windows Identity Foundation For Creating Identity - Driven Experiences in Silverlight

Using Windows Identity Foundation For Creating Identity - Driven Experiences in Silverlight. Caleb Baker Sr. Program Manager calebb@microsoft.com. Agenda. Identity and Claims Using Claims in Silverlight Wrap Up. What are the Opportunities with Identity?. The Basics.

chandler
Download Presentation

Using Windows Identity Foundation For Creating Identity - Driven Experiences in Silverlight

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. UsingWindows Identity Foundation ForCreatingIdentity-DrivenExperiencesin Silverlight Caleb Baker Sr. Program Manager calebb@microsoft.com

  2. Agenda • Identity and Claims • Using Claims in Silverlight • Wrap Up

  3. What are the Opportunities with Identity?

  4. The Basics Identity is Used to: Control Access • Authentication • Authorization Personalize an Experience

  5. Identity Silos

  6. Tear Down the Silos! • Identity is Reusable • Removes Complexity for your Application

  7. Identity As a Service Your Application Identity Provider

  8. Application Claims Identity Provider

  9. Claims A Statement Made by One Entity About Another Entity A Type of Information http://claim.contoso.com/identity/age Containing a Value over 21 According to Whom Department of Licensing

  10. Examples • Name • Address • Age • Frequent Flier • Employer • Gender • Information about a user your app needs

  11. Demo Scenario

  12. The Companies • A large widget producer. An events planning start-up, which just won a contract with Contoso.

  13. Challenge How Can Fabrikam Provide Access for Contoso Users?

  14. First Solution Users Can register Using Their Work Email

  15. This works, but there is an easier way

  16. Another Solution Use a claims-based approach

  17. Claims Identity Provider Identity Provider Identity Provider

  18. Claims Identity Provider

  19. How Claims are being sent Communication of Claims WS-Federation WS-Trust What’s Important is these are Standards based. Which Means they Work With other Solutions.

  20. The Ingredients Silverlight 3 or 4 Silverlight SDK Windows Identity Foundation Windows Identity Foundation SDK Training Kit Sample assemblies SL.IdentityModel.dll SL.IdentityModel.Server.dll

  21. Demo

  22. Review Fabrikam used Contoso Identities • To Authenticate Users • To Customize the User Experience • Reduce Friction and Complexity

  23. Out Of Browser Moving Out Of the Browser Presents pProblems with Browser Based Authentication

  24. Challenge Requesting Claims to Sign in to Fabrikam from Out of Browser. Browser Redirect work

  25. Solution Request Claims Using a Web Service

  26. Solution Request Fabrikam Response Relying Party Identity Provider

  27. Demo

  28. Control Access Grant access control based on claims • Employees should be able to view events • Managers can schedule events

  29. Challenge How does Fabrikam know who is a manager at Contoso?

  30. Option one One way to solve this is with an administrator accounts

  31. Solution without claims

  32. Solution With Claims Perform Access Check Using Claims

  33. Demo

  34. Mashup Goals for Contoso’s Event Planner Application • Managers can query a local directory for a list of employees. • Call the Fabrikam service with list of invitees.

  35. Challenges How to authenticate a cross site call?

  36. First Solution Have the user provide credentials required to access the service

  37. Username Password Username Password

  38. Claims Based Solution The Contoso Client Application Requests Claims for Fabrikam

  39. Identity Provider Silverlight Application Events Web service

  40. Demo

  41. Security Considerations Cross domain call requires Fabrikam to publish one of the following • ClientAccessPolicy.xml • CrossDomain.xml

  42. Cross domain token reuse What prevents Fabrikam from accessing the Contoso service as the user?

  43. Available resources Windows Identity Foundation Released Nov. 2009 Active Directory Federation Services 2.0 (AD FS RC 2.0) Released the first half of this year Training Kit: http://go.microsoft.com/fwlink/?LinkId=148795 Team blog: http://blogs.msdn.com/card

  44. Feedback What seems interesting What else would you like to see? Windows Phone 7? Email: calebb@microsoft.com Forum: http://social.msdn.microsoft.com/Forums/en-US/Geneva/threads/

  45. Please fill out Session Evaluations

  46. Q & A

  47. © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

More Related