Sample Chapters Copyright © 2011 by Vittorio Bertocci All rights reserved.
To learn more about this book visit http://go.microsoft.com/fwlink/?Linkid=196688.
Table of Contents
Foreword
Acknowledgments
Introduction
Part I
Windows Identity Foundation for Everybody
1 Claims-Based Identity
  What Is Claims-Based Identity?
  Traditional Approaches to Authentication
  Decoupling Applications from the Mechanics of Identity and Access
  WIF Programming Model
  An API for Claims-Based Identity
  WIF’s Essential Behavior
  IClaimsIdentity and IClaimsPrincipal
  Summary
2 Core ASP.NET Programming
  Externalizing Authentication
  WIF Basic Anatomy: What You Get Out of the Box
  Our First Example: Outsourcing Web Site Authentication to an STS
  Authorization and Customization
  ASP.NET Roles and Authorization Compatibility
  Claims and Customization
  A First Look at
  Basic Claims-Based Authorization
  Summary
Part II
Windows Identity Foundation for Identity Developers
3 WIF Processing Pipeline in ASP.NET
  Using Windows Identity Foundation
  WS-Federation: Protocol, Tokens, Meta

action=" /?wa=wsignout1.0&wreply=…"> You are now signed out of the following sites:
WebSiteA/
WebSiteB/