1 / 14

Understanding Claims-Based Authentication in ASP.NET with Windows Identity Foundation

This article explores the architecture of claims-based authentication in ASP.NET using Windows Identity Foundation. It covers the role of HTTP contexts, how to check user roles, and the significance of WS-Security, OpenID, OAuth, SAML, and WS-Federation in securing applications. We discuss the request processing lifecycle in IIS, detailing stages like Application_Start, BeginRequest, and EndRequest, as well as handling session states. Additionally, we examine signing out of multiple relying party sites and the implementation of security protocols for seamless user experiences.

barrett-horn
Télécharger la présentation

Understanding Claims-Based Authentication in ASP.NET with Windows Identity Foundation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Claims Based Authentication and Windows Identity Foundation

  2. ASP.NET -> HTTPContext.Current.User Thread.CurrentPrincipal Thread.CurrentPrincipal.IsInRole(“Admin”);

  3. SOAP WS-Security OpenID OAuth WS-* SAML WS-Trust WS-Federation W3C OASIS

  4. Every request meant to be processed by ASP.NET goes through: aspnet_isapi.dll (ISAPI extension) in IIS 6.0 or IIS 7.0 classic mode Managed pipeline in IIS 7.0 Keeps track of how Request-serving process is progressing HttpRuntime Performs the actual Request-serving HttpContext Events Request processing and application life cycle HttpApplication Application_Start BeginRequest AuthenticateRequest Pipeline of HttpModules EndRequest IHttpModule and many more… Handling session state Forums Authentication etc…

  5. WIF, formerly known as Geneva project

  6. Thread.CurrentPrincipal.IsInRole(“Admin”);

  7. Signing out from multiple RPs wa=wsignoutcleanup1.0 Relying Party Site 1 Relying Party Site 2 Relying Party Site 3 <imgsrc=“https://relyingParty1.com/?wa=wsignoutcleanup1.0”/>

More Related