Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

1. Overview of Claims-based Identity > Abstracting identity with claims

Abstracting identity with claims

Authentication and authorization are two of the most common aspects of the application security. In Windows, security is generally handled using the Kerberos or the NTLM security tokens. The user is provided with credentials that include a domain user ID and a password, and these credentials are validated against the user's entry in the Active Directory. Role-based security is implemented with the help of authorization managers that control the level of access for the user.

This works well within the boundaries of the Windows ecosystem; however, it gets difficult if the application has to support the users that do not have Windows Active Directory credentials. In the real world, the applications spanning multiple platforms interact with each other and require the security context to be shared. Using a claims-based identity model provides a robust way of handling authentication and authorization across the discrete systems. Throughout this chapter, we will explore the recipes that will help you gain an understanding of how claims-based identity is core to the .NET Framework 4.0 and help you get started on the Microsoft's Identity and Access Management paradigm. In this recipe, we will find out how a Windows id.... System.IdentityModel


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free 10-Day Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint