The Access Control Service (ACS) implements federation and trust using industry standards such as WS-Trust, WS-Federation, OAuth WRAP, and OAuth 2.0. It supports token formats including SAML 1.1, SAML 2.0, and SWT. While it features built-in login pages, customization options are limited. ACS uses a rules engine for claims-based authorization and can be managed through its portal or through a Management Service that does not need a client SDK. Flexibility in authorization and automated management are key benefits.
Objectives
• List ACS functional capabilities

Federation and Trust
• ACS implements federation and trust using industry standards
• Protocols:
  • WS-Trust
  • WS-Federation
  • OAuth WRAP and OAuth 2.0
• Token formats:
  • SAML 1.1 and 2.0
  • SWT

Authentication
• Built-in login pages
  • Cannot be customized
• Home Realm Discovery Metadata Feed
  • Enables page customization

Authorization
• ACS’ Rules Engine
• Control what claims get into the token
• Management portal
• Identity providers
• Windows Identity Foundation (WIF)
• Role-based access control (RBAC)
• Claims-based authorization

Administration
• Administer ACS via its Management Portal
  • Accessed through Windows Azure portal
• Administer ACS via Management Service
  • A service that exposes an OData endpoint
  • Does not require a client SDK
  • Automation
  • Custom UI
  • Functionality not available via Management Portal

Key Takeaways
• ACS implements industry standards
• ACS offers flexible authorization options
• ACS can be managed manually and programmatically

Next Steps
• Sign up for free trial at http://www.microsoft.com/windowsazure/free-trial/
• Learn more at http://go.microsoft.com/fwlink/?LinkID=212360