This unit will explore how to take advantage of Windows Identity Foundation for enhancing a classic ASP.NET Web application and enhance a common ASP.NET membership provider website with advanced identity capabilities, enabling new scenarios without disrupting the existing functionalities or your user’s experience. At the end of the unit you will be able to take your own ASP.NET applications and externalize authentication and authorization code.
Hands-On Labs
Web Sites and Identity
The first exercise of the lab describes the most basic form of claims-based authentication for web sites, demonstrating how to take advantage of the integration between Windows Identity Foundation and Visual Studio. If you are interested in authorization, this lesson is for you: you will see how claims allow you to use the traditional ASP.NET role model, or to use sophisticated access rules (such as imposing an age limit to users) via claims. The second exercise you will take a peek inside a custom STS, discovering how claims are issued and how you can back an STS with arbitrary credentials and attributes stores. The third exercise is very short: you will experience firsthand how easy it is to take advantage of existing identity providers for externalizing the authentication logic for your website. How would you like to instantly grow your audience to more than 500 million users? The fourth exercise will show you how you can add Live Id to your list of trusted identity providers The fifth and final exercise of the lab is for expert developers. It shows you how you can avoid trusted subsystems without relying on sophisticated infrastructure. You will learn how to take advantage of Windows Identity Foundation for flowing the identity of your users across application tiers, ensuring that the access privileges are always referring to the actual user access levels.
Enhancing an ASP.NET Membership Provider Website with Identity Provider Capabilities
This lesson demonstrates how to add a simple STS to you ASP.NET membership provider-based website. By adding a simple page containing WIF code you will enable your partners to accept your users in their websites, even enabling Single Sign On for the users already logged in your website!