Justin Smith, Sr. Program Manager, Microsoft Corporation, BB55
NOTE: The .NET Service Bus and the .NET Workflow Service share code for token processing
[Diagram labels: Your Customers; Your App; Access Control Service; Live ID Users; XYZ Domain Users; "Who is the caller?"; "What can they do?"; UI; Integrate; Service Bus; Orchestrate; Store; WF; Data]
[Diagram]
Participants: Requestor (Your Customer); Your .NET Access Control Service STS (Managed STS); Relying Party (Service Bus, Your App, etc.)
0. Cert|Secret exchange; periodically refreshed
1. Define access control rules for a customer
2. Send Claims (RST)
3. Map input claims to output claims based on access control rules
4. Send Token (RSTR)
5. Send Message w/token
6. Claims checked in Relying Party
Diagram annotation: (output claims from 4)
Foo/ Bar/ Baz/
© 2008 Microsoft Corporation. All rights reserved.