[Chart; axes: Adoption, Time. Labels: Single paradigm, mature tools, stable design patterns and frameworks; Software developer’s comfort zone; Competing paradigms, no tools, design patterns & frameworks not established; Architectural responsibilities are greatest]
Windows Identity Foundation; Windows CardSpace 2.0; Active Directory Federation Services 2.0; Software Services; Claims-Based Access; Interoperability; Improved Security; Improved Productivity; Windows Live ID; Microsoft Federation Gateway; .Net Access Control Service
[Diagram; components: Application Server, Security Token Service, End User, Claims Framework, Your App. Arrow label: trust. Steps: 1. Establish relationship using metadata; 2. Read policy; 3. Read policy; 4. Get claims; 5. Send claims]
[Diagram; components: Application Server, “Geneva” Server, End User, “Geneva” Framework, Your App, Active Directory. Arrow label: trust. Steps: 1. Establish relationship using metadata; 2. Read policy; 3. Read policy; 4. Get claims; 5. Send claims]
Step 4: Create or acquire a trusted root certificate and add it to your web role properties
WSFAM SecurityTokenHandler ClaimsAuthenticationManager SessionAuthenticationModule ClaimsAuthorizationManager
Identity must flow across all these boundaries and more. [Reprinted from A Short Introduction to Cloud Platforms, courtesy of David Chappell]
STS
© 2009 Microsoft Corporation. All rights reserved.