RSS

All Project Updates

Discussions

Issue Tracker

Releases

Reviews

Source Code

Wiki & Documentation

RSS

View All Comments | Print View | Page Info | Change History (all pages)

Home

Just Released!

- Book content online on MSDN.
- Book PDF download
- Final samples download

What is Claims-Based Identity, and Why Should You Care?

There are many features in a typical secure application, three of the most common being:

Authentication: “Who are you?”
Authorization: “Are you allowed to do this?”
Personalization: “How can I personalize your experience?”

This guide will introduce you to “claims-based” identity, a set of ideas and tools that may make it easier for you to build features like these into your apps in a more flexible way. In this guide, we’ll introduce some concepts that may sound new: claims, federated identity, and much more. But many of the ideas presented here have been floating around for a long time.

The protocols we’ll show in this guide have a similar flavor to Kerberos, one of the most broadly accepted authentication protocols in use today (used in Active Directory for example). WS-Federation, SAML, and other federated identity protocols have been incubating for this entire decade. This is really not so new after all, but it does require a new way of thinking as we move toward a better architecture for identity in applications.

Claims based identity is specially compelling for applications that are deployed to the cloud. This Guide covers such scenarios.

Claims-based identity isn’t new. It’s been being designed and implemented for almost a decade.

Just Released! - Book content on MSDN.

Why do we need a guide now?

Only within the last year have tools been released to make claims-based identity generally available to applications on the Windows platform. With the Windows Identity Framework (WIF), Active Directory Federation Services v2 (ADFS), the identity landscape has opened up quite a bit, and our goal in this guide is to show how you can benefit by understanding these concepts and using these tools.

How is the Guide Organized?

The Guide will contain a few introductory chapters that will cover the basics of Claims based Identity, common terminology, protocols and technologies. This is the "theory" part of the book and we hope it will be useful for those new to the subject. Claims based identity is surprisingly simple and yet very powerful. Then, there will be a number of chapters with "case studies". These are very specific, commonly occurring scenarios where we surface goals, challenges and solutions in concrete contexts. As examples of the kind of scenarios we are considering, take a look at these three blog posts:

WebSSO
Federation
Software as a Service - Part I
Software as a Service - Part II

Check the downloads section for early chapters and samples!

Downloads

Blogs

Dominick Baier:

www.leastprivilege.com News Feed

Thinktecture.DataObjectModel

Tuesday, March 09, 2010 | From www.leastprivilege.com

This week: Trooper Heidelberg

Sunday, March 07, 2010 | From www.leastprivilege.com

Guide to Claims-based Identity and Access Control

Friday, March 05, 2010 | From www.leastprivilege.com

WIF Workshop

Friday, March 05, 2010 | From www.leastprivilege.com

Zurück von der BASTA

Monday, March 01, 2010 | From www.leastprivilege.com

www.leastprivilege.com News Feed

Vittorio Bertocci

Vibro.NET News Feed

Identity Developer Training Kit March 2010 update: WIF+Silverlight, WIF+WCF on Windows Azure

Tuesday, March 16, 2010 | From Vibro.NET

Using the “Windows Identity Foundation and Windows Azure passive federation” lab with the February2010 Windows Azure Tools

Monday, March 08, 2010 | From Vibro.NET

The IdElement on Zune Marketplace and iTunes

Sunday, March 07, 2010 | From Vibro.NET

Coming to a City Near You: Windows Identity Foundation Developer Workshops!

Friday, March 05, 2010 | From Vibro.NET

U-Prove Community Technical Preview

Tuesday, March 02, 2010 | From Vibro.NET

Vibro.NET News Feed

Keith Brown:

Security Briefs News Feed

Labs for my Attack/Defence talk today at DevWeek

Thursday, March 18, 2010 | From Security Briefs

Rocky Mountain Tech Trifecta

Monday, March 01, 2010 | From Security Briefs

Did FxCop tell you to use System.Uri?

Saturday, October 10, 2009 | From Security Briefs

Beware Uri.ToString

Saturday, October 10, 2009 | From Security Briefs

What goes into claims

Wednesday, October 07, 2009 | From Security Briefs

Security Briefs News Feed

Eugenio Pace:

Eugenio Pace : Claims News Feed

Windows Azure Guidance – a-Expense “before” on CodePlex

Tuesday, March 16, 2010 | From Eugenio Pace : Claims

A Guide to Claims based Identity – Released - The strategy behind it and our plans

Tuesday, March 09, 2010 | From Eugenio Pace : Claims

Just Released – Claims-Identity Guide online

Friday, January 29, 2010 | From Eugenio Pace : Claims

ADFS / WIF on Amazon EC2

Wednesday, January 13, 2010 | From Eugenio Pace : Claims

Updated code samples & chapters for Claims Identity Guide – Release Candidate

Monday, December 21, 2009 | From Eugenio Pace : Claims

Eugenio Pace : Claims News Feed

Erwin van der Valk

Erwin van der Valk's blog: Practicing patterns News Feed

Goodbye…

Monday, December 28, 2009 | From Erwin van der Valk's blog: Practicing patterns

how to work with animations in Silverlight in the mvvm pattern

Monday, October 12, 2009 | From Erwin van der Valk's blog: Practicing patterns

Announcing the guide for claims based identity and access control

Saturday, October 03, 2009 | From Erwin van der Valk's blog: Practicing patterns

Announcing the guide for claims based identity and access control

Friday, October 02, 2009 | From Erwin van der Valk's blog: Practicing patterns

how to apply a viewmodel to new windows

Friday, September 18, 2009 | From Erwin van der Valk's blog: Practicing patterns

Erwin van der Valk's blog: Practicing patterns News Feed

Matias Woloski

Matias Woloski's Blog News Feed

Sharepoint 2010 and ADFS

Friday, March 05, 2010 | From Matias Woloski's Blog

Claims-based Identity and Access Control Guide RTM!

Friday, March 05, 2010 | From Matias Woloski's Blog

PDC09 and the last 3 months…

Wednesday, December 09, 2009 | From Matias Woloski's Blog

Claims based Authentication & Authorization: The Guide

Saturday, August 15, 2009 | From Matias Woloski's Blog

Windows 7 Screencast – Taskbar, OverlayImage, ProgressBar, Thumbnails

Tuesday, August 11, 2009 | From Matias Woloski's Blog

Matias Woloski's Blog News Feed

Last edited Mar 3 at 5:17 PM by eugeniop, version 21

Want to leave feedback?
Please use Discussions or Reviews instead.

Download

Microsoft Public License (Ms-PL)

This license governs use of the accompanying software. If you use the software, you accept this license. If you do not accept the license, do not use the software.

1. Definitions

The terms "reproduce," "reproduction," "derivative works," and "distribution" have the same meaning here as under U.S. copyright law.

A "contribution" is the original software, or any additions or changes to the software.

A "contributor" is any person that distributes its contribution under this license.

"Licensed patents" are a contributor's patent claims that read directly on its contribution.

2. Grant of Rights

(A) Copyright Grant- Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free copyright license to reproduce its contribution, prepare derivative works of its contribution, and distribute its contribution or any derivative works that you create.

(B) Patent Grant- Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free license under its licensed patents to make, have made, use, sell, offer for sale, import, and/or otherwise dispose of its contribution in the software or derivative works of the contribution in the software.

3. Conditions and Limitations

(A) No Trademark License- This license does not grant you rights to use any contributors' name, logo, or trademarks.

(B) If you bring a patent claim against any contributor over patents that you claim are infringed by the software, your patent license from such contributor to the software ends automatically.

(C) If you distribute any portion of the software, you must retain all copyright, patent, trademark, and attribution notices that are present in the software.

(D) If you distribute any portion of the software in source code form, you may do so only under this license by including a complete copy of this license with your distribution. If you distribute any portion of the software in compiled or object code form, you may only do so under a license that complies with this license.

(E) The software is licensed "as-is." You bear the risk of using it. The contributors give no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this license cannot change. To the extent permitted under your local laws, the contributors exclude the implied warranties of merchantability, fitness for a particular purpose and non-infringement.

Current	Drop 5 - Release Candidate
Date	Sat Dec 19 2009 at 7:00 AM
Status	Stable
Rating	No Ratings 2034 downloads
More	View all downloads

Activity

7 30 All days

Page Views	755
Visits	421
Downloads	65

View Detailed Stats

Claims Based Identity & Access Control Guide