Here we introduce Microsoft Code Name "Geneva," the new framework for building claims-based applications and services, and federated security scenarios.
Michele Leroux Bustamante
MSDN Magazine December 2008
View Complete Post
A Security Token Service, or STS, acts as a security gateway to authenticate callers and issue security tokens carrying claims that describe the caller. See how you can build a custom STS with the "Geneva" Framework.
MSDN Magazine January 2009
I see that SQL Server 2008 R2 Reporting Services now supports
Claims Based Authentication in Sharepoint 2010, meaning that end users can authenticate with Sharepoint using Claims Based Authentication, and use the same security tokens to connect through to Reporting Services.
I assume that behind the scenes Sharepoint is using
Windows Identity Foundation (WIF - formerly codenamed "Geneva") to handle the authentication, and passing this on to Reporting Services.
I'm keen to use Windows Identity Foundation to authenticate with Reporting Services
without Sharepoint. We have an existing ASP.NET web application, and we'd like to call Reporting Services from that, passing on the Windows Identity Foundation credentials of the user logged into our web application.
I've done some work on setting up a custom security extension using Forms Authentication (based on the
sample), but am not sure how to proceed from there.
Google/Bing hasn't been helpful. Can you please point me to some guidance on how to set up Windows Identity Foundation authentication for Reporting Services?<
I'm planning to use CBA to do authentication and authorization to a document library. For example, if you have the claim type 'location' equal to 'London' then you are granted access to a folder. Simple, and it works great from the out-of-the-box
web browser interface.
The question is, can the Web Services interfaces also accept a signed SAML token and use those attribute to do authentication and authorization? I would prefer to use the CMIS interface where possible. I understand that the web services
are based on WCF, which leads me to believe I can just modify the web.config to add in WCF directives for ws2007HttpBinding->security->message, but will the SP web services code respond by using the identity in the message?
What I have noticed so far, is that the CMIS interface has directives for only impersonation only. Since CBA identities do not map to windows accounts, I thinking I'm barking up the wrong tree. I'm not dead set on CMIS, so if there are other
web services available to do CBA, I'm all ears.
There's not a lot of practical material on this, and I'm currently working on a PoC to acheive this goal. Any help would be greatly appreciated.
was giving a though on using ajax enabled wcf services as part of architecture
generally wht im using
is UI-> BL-> data access
is it suggestable to use wcf services layer instead
nd hv UI-> services-> data access
related to asp.net
would like to no pro's and con's of doing this thing.
is it suggestable to do it.
Learn how to use the AtomPub protocol to pump up your blogs. Chris Sells includes a practical demonstration of mapping so you can expose a standard AtomPub service from a Web site and use Windows Live Writer to provide a rich editing experience against the service.
MSDN Magazine August 2010
The Silverlight Media Framework is an extensible and scalable video framework upon which you can create your own player experiences. We'll walk you through a custom player project that displays suggested videos for further viewing after the current video ends.
MSDN Magazine May 2010
Elisa Flasko takes you through a sample weblog application to demonstrate how new improvements in Entity Framework and WCF Data Services work together to simplify the way data is modeled, consumed and produced in Visual Studio 2010.
MSDN Magazine April 2010
Glenn Block explains how the Managed Extensibility Framework, a new library coming in .NET Framework 4.0, tackles the longstanding issue of building applications and components that can be reused and extended by others. Learn how to build apps that can use new functionality introduced by developers, framework authors and third-party extenders.
MSDN Magazine February 2010
Over the past few years, federated security models and claims-based access control have become increasingly popular. Platform tools in this area have also come a long way. Windows Identity Foundation (WIF) is a rich identity model framework designed for building claims-based applications and services and for supporting active and passive federated security scenarios.
MSDN Magazine November 2009
This article is the third in a series about n-tier programming with the Entity Framework, specifically about building custom Web services with the Entity Framework and WCF. This article looks at features coming in the second release of the Entity Framework (EF4) and how you use them to implement the Self-Tracking Entities and Data Transfer Objects (DTOs) n-tier patterns.
Schema- first contract-first modeling of Web Services gives you the ability to model your contracts with an XML-centric mindset. This process keeps you focused on universally acceptable types and the hierarchical data structures that can be represented in XML.
Christian Weyer, Buddhike de Silva
MSDN Magazine October 2009
.NET RIA Services provides a set of server components and ASP.NET extensions such as authentication, roles, and profile management. We'll show you how they work.
MSDN Magazine May 2009
We show you how .NET Services within the Azure Services Platform makes it easy to bring workflow apps to the cloud.
MSDN Magazine April 2009
We explore some of the key new WCF and WF features in .NET Framework 4.0 as well as the new application server capabilities provided by the "Dublin" extensions.
Windows Communication Foundation (WCF) provides an easy role-based system and a more powerful and complex claims-based API for implementing authorization in services.
Dominick Baier and Christian Weyer
MSDN Magazine October 2008