Claims-based Identity in .NET 4.5 and Windows 8

Posted by Your DisplayName here! on Least Privilege See other posts from Least Privilege or by Your DisplayName here!
Published on Sat, 17 Sep 2011 06:30:36 GMT Indexed on 2011/11/11 18:24 UTC
Read the original article Hit count: 359

Filed under:

IdentityModel

There was not a ton of new information about WIF and related technologies at Build, but Samuel Devasahayam did a great talk about claims-based access control that contained some very interesting bits of information with regards to future directions.

From his slides:

Windows 8

Bring existing identity claims model into the Windows platform
Domain controller issues groups & claims
Claims (user and device) sourced from identity attributes in AD
Claims delivered in Kerberos PAC
NT Token has a new claims section
Enhanced SDDL API’s to work with claims
Enhanced user mode CheckAccess API’s to work with claims
New ACL-UX
Target audits with claims-based expressions

WIF & .NET 4.5

WIF is in the box with .NET Framework 4.5
Every principal in .NET 4.5 is a ClaimsPrincipal

ADFS 2.1

ADFS 2.1 is available now as a in-box server role in Windows 8
Adds support for issuing device claims from Kerberos ticket

Related posts about IdentityModel

Identity Claims Encoding for SharePoint

as seen on Geeks with Blogs - Search for 'Geeks with Blogs'
Just to remind myself, the list of claim types and their encodings are listed here at the bottom. http://msdn.microsoft.com/en-us/library/gg481769.aspx Where for example: i:0#.w|contoso\scicoria ‘i’ = identity, could be ‘c’ for others # == SPClaimTypes.UserLogonName . == Microsoft.IdentityModel… >>> More
Thinktecture.IdentityModel: WIF Support for WCF REST Services and OData

as seen on Least Privilege - Search for 'Least Privilege'
The latest drop of Thinktecture.IdentityModel includes plumbing and support for WIF, claims and tokens for WCF REST services and Data Services (aka OData). Cibrax has an alternative implementation that uses the WCF Rest Starter Kit. His recent post reminded me that I should finally “document” that… >>> More
Thinktecture.IdentityModel: Comparing Strings without leaking Timinig Information

as seen on Least Privilege - Search for 'Least Privilege'
Paul Hill commented on a recent post where I was comparing HMACSHA256 signatures. In a nutshell his complaint was that I am leaking timing information while doing so – or in other words, my code returned faster with wrong (or partially wrong) signatures than with the correct signature. This can… >>> More
Thinktecture.IdentityModel: WRAP and SWT Support

as seen on Least Privilege - Search for 'Least Privilege'
The latest drop of Thinktecture.IdentityModel contains some helpers for the Web Resource Authorization Protocol (WRAP) and Simple Web Tokens (SWT). WRAP The WrapClient class is a helper to request SWT tokens via WRAP. It supports issuer/key, SWT and SAML input credentials, e.g.: var… >>> More
Azure - Microsoft.IdentityModel not found

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi There, I'm working with a WCF service in Azure, which uses Windows Live ID authentication with the recent deviceid requirements. When I host my WCF service locally in the compute emulator, it works properly, but when I deploy the cloud service to Azure and call it the same way (from another project… >>> More

Developer IT

Claims-based Identity in .NET 4.5 and Windows 8 - Developer IT

Claims-based Identity in .NET 4.5 and Windows 8

IdentityModel

Related posts about IdentityModel

Identity Claims Encoding for SharePoint

Thinktecture.IdentityModel: WIF Support for WCF REST Services and OData

Thinktecture.IdentityModel: Comparing Strings without leaking Timinig Information

Thinktecture.IdentityModel: WRAP and SWT Support

Azure - Microsoft.IdentityModel not found

Categories cloud