Exploring this unit you will learn how to take advantage of the new model, classes and tools that constitute Windows Identity Foundation to authenticate and authorize web service calls, take advantage of production STSes for externalizing authentication, authorize access by imposing conditions on incoming claims and handle delegation scenarios. It also includes a complete lab that will walk you through all the practicalities of taking advantage of the unique characteristics of the Windows Azure environment from your Windows Identity Foundation settings.
Hands-On Labs
Web Services and Identity for Visual Studio 2010 Developers
This lab introduces you to the use of Windows Identity Foundation for securing WCF services. The claim object model offered by WIF is more integrated with the .NET identity object model than the one originally featured in WCF: the first exercise will help absolute beginners and WCF experts alike to familiarize with the new programming model. In the second exercise you will experience directly how easy it is to take advantage of existing identity providers for externalizing the authentication logic for your web service. The third exercise shows you how WIF addresses delegation. You will learn how to take advantage of Windows Identity Foundation for flowing the identity of your users across multiple services and application tiers, ensuring that the access privileges are always referring to the actual user access levels.
Web Services and Identity in Windows Azure
This lab is a step by step guide that will help you to use claims-based identity for handling authentication and access management for your WCF services hosted in Windows Azure; it will show you how you can still take advantage of local identities for authenticating your users, despite the fact that your services are now hosted in the cloud. The lab will walk you through all the practicalities of taking advantage of the unique characteristics of the Windows Azure environment from your Windows Identity Foundation settings.