dotnetomaniak.pl - Artykuły z tagiem WIF

In this post we’ll focus on security. We’ll try to prove that claims base authentication is safe. As we remember SAML tokens are issued by “trusted” STS. But what exactly does “trusted” issuer mean? In this post, we’ll try to find definition of “trusted issuer”, a list of attributes which decide that issuer is trusted.

[EN] Security in WIF | Future Processing

Architektura 3367 dni, 4 godziny, 37 minut temu FutureProcessing 104 źrodło rozwiń

In this article we focus on sample service based on WCF (Windows Communication Foundation), as we will only try to build sample service with claims-based authentication and authorization. All technical aspects connected with security e.g. configuration, certificates, encryption, signature or CRL will be described in details in the next posts.

WCF services with claims-based authentication and authorization | Future Processing

Architektura 3438 dni, 3 godziny, 18 minut temu FutureProcessing 146 źrodło rozwiń

In the previous article basic information about authentication and authorization process on .Net has been presented. Security Token Service is an integral part of claim based approach. As we remember from the previous article, STS is responsible for handling user’s requests and creating tokens; it can also work in two modes: active and passive. In this article we focus on Active STS, as we will only try to build sample STS.

Introduction to Claims-Based Authentication and Authorization in .NET - how to build Active STS | Future Processing

Architektura 3472 dni, 14 godzin, 41 minut temu FutureProcessing 167 źrodło rozwiń

Authentication and Authorization Authentication and authorization are two closely related concepts, which are used to build security mechanism in systems and applications. Information security is the practice of protecting information from unauthorized access, use or even modification. Confidentiality, integrity and availability (known as CIA triad) is a model designed to guide policies of information security within an organization. In this article we are focusing on confidentiality, which refers to re...

Dziel się z innymi:
[EN] Introduction to Claims-Based Authentication and Authorization in .NET | Future Processing

Architektura 3543 dni, 1 godzinę, 10 minut temu FutureProcessing 125 źrodło rozwiń

Framework WIF dostarcza ujednolicony model zabezpieczeń. W łatwy sposób można przełączać się między tokenami generowanymi na podstawie loginu\hasła czy CardSpace – kod pozostaje niezmienny. Zainteresowanych zapraszam mojego ostatniego artykułu: http://msdn.microsoft.com/pl-pl/library/ff720168.aspx

Dziel się z innymi:
Piotr Zieliński  » Blog Archive   » Windows Identity Foundation – integracja z ASP .NET

Web 5250 dni, 12 godzin, 29 minut temu pzielinski 97 źrodło rozwiń