You are previewing Programming Windows® Identity Foundation.
O'Reilly logo
Programming Windows® Identity Foundation

Book Description

Get hands-on guidance designed to help you put the newest .NET Framework component- Windows Identity Foundation, the identity and access logic for all on-premises and cloud development- to work.

Table of Contents

  1. Programming Windows® Identity Foundation
  2. Dedication
  3. A Note Regarding Supplemental Files
  4. Foreword
  5. Acknowledgments
  6. Introduction
    1. Who is this Book For?
    2. System Requirements
    3. Code Samples
    4. Errata and Book Support
    5. We Want to Hear from You
    6. Stay in Touch
  7. I. Windows Identity Foundation for Everybody
    1. 1. Claims-Based Identity
      1. What Is Claims-Based Identity?
        1. Traditional Approaches to Authentication
          1. IPrincipal and IIdentity
          2. Populating IPrincipal
        2. Decoupling Applications from the Mechanics of Identity and Access
          1. Authentication and Authorization in Real Life
          2. Claims-Based Identity: A Logical Layer for Identity
      2. WIF Programming Model
        1. An API for Claims-Based Identity
        2. WIF’s Essential Behavior
        3. IClaimsIdentity and IClaimsPrincipal
      3. Summary
    2. 2. Core ASP.NET Programming
      1. Externalizing Authentication
        1. WIF Basic Anatomy: What You Get Out of the Box
          1. WIF Runtime
          2. WIF SDK
        2. Our First Example: Outsourcing Web Site Authentication to an STS
          1. Using the Federation Utility Wizard
          2. Using an Actual Identity Provider
      2. Authorization and Customization
        1. ASP.NET Roles and Authorization Compatibility
        2. Claims and Customization
        3. A First Look at <microsoft.identityModel>
          1. WIF and the web.config File
        4. Basic Claims-Based Authorization
      3. Summary
  8. II. Windows Identity Foundation for Identity Developers
    1. 3. WIF Processing Pipeline in ASP.NET
      1. Using Windows Identity Foundation
        1. Using the SDK Tools
          1. Using the SDK Tools
          2. Manipulating the Configuration Elements
          3. Serving Events
          4. Subclassing
      2. WS-Federation: Protocol, Tokens, Metadata
        1. WS-Federation
        2. The Web Browser Sign-in Flow
        3. A Closer Look to Security Tokens
          1. Verifying a Token
          2. Anatomy of a Security Token
        4. Metadata Documents
      3. How WIF Implements WS-Federation
        1. The WIF Sign-in Flow
          1. Before the Redirect to the IP
          2. Processing the Sign-in Request
          3. Accessing a Page During a Valid Session
      4. WIF Configuration and Main Classes
        1. A Second Look at <microsoft.identityModel>
          1. The Default Configuration as Generated by FedUtil.exe
          2. Beyond the Default Configuration: Quick Reference
        2. Notable Classes
          1. WSFAM
          2. SAM
          3. CAM
          4. ClaimsAuthenticationManager
          5. ClaimsAuthorizationManager
          6. SecurityTokenHandler
          7. SessionSecurityTokenHandler
          8. CookieHandler
          9. TokenResolvers
          10. IssuerNameRegistry
      5. Summary
    2. 4. Advanced ASP.NET Programming
      1. More About Externalizing Authentication
        1. Identity Providers
        2. Federation Providers
        3. The WIF STS Template
          1. Structure of the STS ASP.NET Project Template
          2. STS Classes and Methods in App_Code
          3. Metadata
      2. Single Sign-on, Single Sign-out, and Sessions
        1. Single Sign-on
        2. Single Sign-out
          1. Signing Out from One RP
          2. Signing Out from Multiple RPs
        3. More About Sessions
          1. Sliding Sessions
          2. Sessions and Network Load Balancers
      3. Federation
        1. Transforming Claims
        2. Pass-Through Claims
        3. Modifying Claims and Injecting New Claims
        4. Home Realm Discovery
        5. Step-up Authentication, Multiple Credential Types, and Similar Scenarios
      4. Claims Processing at the RP
        1. Authorization
        2. Authentication and Claims Processing
      5. Summary
    3. 5. WIF and WCF
      1. The Basics
        1. Passive vs. Active
        2. Canonical Scenario
          1. The Service
          2. The WIF STS Template for WCF
          3. Invoking the Service
          4. Using Claims with a WCF Service
        3. Custom TokenHandlers
        4. Object Model and Activation
          1. Things You Do Differently in WCF When You Use WIF
      2. Client-Side Features
        1. Delegation and Trusted Subsystems
          1. CreateChannelActingAs and CreateChannelOnBehalfOf
          2. Using Delegation
          3. ActAs on the STS
        2. Taking Control of Token Requests
          1. WSTrustChannel and WSTrustChannelFactory
          2. CreateChannelWithIssuedToken
      3. Summary
    4. 6. WIF and Windows Azure
      1. The Basics
        1. Packages and Config Files
        2. The WIF Runtime Assembly and Windows Azure
        3. Windows Azure and X.509 Certificates
      2. Web Roles
        1. Sessions
        2. Endpoint Identity and Trust Management
      3. WCF Roles
        1. Service Metadata
        2. Sessions
        3. Tracing and Diagnostics
      4. WIF and ACS
      5. Custom STS in the Cloud
        1. Dynamic Metadata Generation
        2. RP Management
      6. Summary
    5. 7. The Road Ahead
      1. New Scenarios and Technologies
        1. ASP.NET MVC
        2. Silverlight
          1. For Whom the Token Tolls
        3. SAML Protocol
        4. Web Identities and REST
          1. OpenID
          2. OAuth 2.0
      2. Conclusion
  9. Index
  10. About the Author
  11. Copyright