Josh Gillespie, profile picture
Uploaded byJosh Gillespie
PPTX, PDF232 views

Who are you?

The document discusses the history and goals of identity management in ASP.NET. It describes earlier approaches like ASP.NET providers which were dependent on SQL Server and difficult to extend. The current ASP.NET Identity 2.1 aims to be usable across ASP.NET, easily extensible, persistence agnostic, testable, and support roles, claims and third-party authentication. It has interfaces, stores, managers and other classes to manage user identities and authentication in a modular way.

Technology
Related topics:
ASP.NET Overview

Embed presentation

Download to read offline
Who are you? Digging into ASP.NET Identity 2.1 Josh Gillespie
Agenda
What i s an Ident i t y?
What is an Identity? • Proof that you are who you say you are. (authentication) • The things are you permitted to do. (authorization) • Other information we (need to) know about you? (profile)
History of Identity in .NET • Forms and Windows Authentication • ASP.NET Providers • Released with .NET 2.0 (2005) • Addressed common site membership requirements • ASP.NET Simple Membership • Released with VS2010 SP1 • ASP.NET Universal Providers
ASP.NET Providers Pros • Simple to setup • “Just works” Cons • Extensibility was hard • Testing was hard • Other Auth approaches were hard • Dependent on SQL Server • Profile was hard to query • Dependent on Forms Auth
ASP.NET Simple Providers Pros • Profile was improved • Easier to add to Web page apps Cons • Non-relational stores are hard • Still FormsAuth dependent • Not extensible
ASP.NET Universal Providers Pros • Database was cleaned up • Used EF Code First • Can use any EF supported store Cons • Built on Membership, same limitations
ASP.NET Ident i t y Currently 2.1
Goals • Useable everywhere (One ASP.NET) • Easy profile access • Persistence agnostic • Testable • Role-based Authorization • Claims-based Authorization • Third-party Authentication • Azure AD • OWIN Integrated • NuGet package
So where would you s tar t?
Interfaces • Entities (IUser, IRole, IClaim, etc) • Stores (IUserStore, IRoleStore, etc) • Managers • Misc supporting classes • TokenProviders • Validators • Factories
Application Managers Stores Data Access Layer Data Storage Token Providers Validators Services Factories Entities
Closer look Decompile and look at one “Stack”
Fi le  New Projec t What do I get fresh out of the box?
Demo Opt ions 1. Change the Primary Key 2. Add a Two-Factor Authenticator Provider
Takeaways • When should you use ASP.NET Identity? • What is it good for, what is it not good for? • Implement only what you need.
Di s cus s ion
Thank you! Josh.Gillespie@PolarisSolutions.com @jcgillespie http://awaitwisdom.com

More Related Content

PDF
Related Content
byBarry Kooij
 
PPT
ASP.NET 13 - Security
byRandy Connolly
 
PPTX
Identity in ASP.NET Core
byondrejbalas
 
PPTX
Visual studio 2012 - What's in it for me?
byJeff Bramwell
 
PDF
Magento 2 - Meet Magento 2014 DE
byTobias Zander
 
PDF
WordPress Custom Post Types
byMark Jaquith
 
PPTX
Zero credential development with managed identities
byJoonas Westlin
 
PPTX
WordPress for Applications
byMateusz Michalik
 
Related Content
byBarry Kooij
 
ASP.NET 13 - Security
byRandy Connolly
 
Identity in ASP.NET Core
byondrejbalas
 
Visual studio 2012 - What's in it for me?
byJeff Bramwell
 
Magento 2 - Meet Magento 2014 DE
byTobias Zander
 
WordPress Custom Post Types
byMark Jaquith
 
Zero credential development with managed identities
byJoonas Westlin
 
WordPress for Applications
byMateusz Michalik
 

What's hot

PPTX
SenchaCon 2016: Being Productive with the New Sencha Fiddle - Mitchell Simoens
bySencha
 
PPTX
Build Authentication in Conversational AI
byMicrosoft Tech Community
 
PPTX
New Web Revolution - html5 and css3
byNitish Surelia
 
PPTX
Building a document e-signing workflow with Azure Durable Functions
byJoonas Westlin
 
PDF
Breaking Dependencies to Allow Unit Testing
bySteven Smith
 
PPTX
Breaking Dependencies to Allow Unit Testing
bySteven Smith
 
PDF
Testing course content converted
byShreemInstituteProfe
 
PDF
SPUnite17 Content Type Deployment Hub 2.0
byNCCOMMS
 
PPTX
Design for scale
byDoug Lampe
 
SenchaCon 2016: Being Productive with the New Sencha Fiddle - Mitchell Simoens
bySencha
 
Build Authentication in Conversational AI
byMicrosoft Tech Community
 
New Web Revolution - html5 and css3
byNitish Surelia
 
Building a document e-signing workflow with Azure Durable Functions
byJoonas Westlin
 
Breaking Dependencies to Allow Unit Testing
bySteven Smith
 
Breaking Dependencies to Allow Unit Testing
bySteven Smith
 
Testing course content converted
byShreemInstituteProfe
 
SPUnite17 Content Type Deployment Hub 2.0
byNCCOMMS
 
Design for scale
byDoug Lampe
 

Viewers also liked

PDF
Semantic Web For Dummies
byJeffrey T. Pollock
 
PPTX
Authentication vs authorization
byFrank Victory
 
PPTX
Authentication and Authorization in Asp.Net
byShivanand Arur
 
PDF
Fundamentals of Web for Non-Developers
byLemi Orhan Ergin
 
PPT
Basic Web Concepts
byCherry Ann Labandero
 
PPT
Web Application Development Fundamentals
byMohammed Makhlouf
 
ODP
Web 3.0 The Semantic Web
byHatem Mahmoud
 
PDF
Fundamentals of Web Development For Non-Developers
byLemi Orhan Ergin
 
PPTX
Introduction to Web Architecture
byChamnap Chhorn
 
PDF
Teaching Students with Emojis, Emoticons, & Textspeak
byShelly Sanchez Terrell
 
Semantic Web For Dummies
byJeffrey T. Pollock
 
Authentication vs authorization
byFrank Victory
 
Authentication and Authorization in Asp.Net
byShivanand Arur
 
Fundamentals of Web for Non-Developers
byLemi Orhan Ergin
 
Basic Web Concepts
byCherry Ann Labandero
 
Web Application Development Fundamentals
byMohammed Makhlouf
 
Web 3.0 The Semantic Web
byHatem Mahmoud
 
Fundamentals of Web Development For Non-Developers
byLemi Orhan Ergin
 
Introduction to Web Architecture
byChamnap Chhorn
 
Teaching Students with Emojis, Emoticons, & Textspeak
byShelly Sanchez Terrell
 

Similar to Who are you?

PPTX
Asp.Net Identity
byMarwa Ahmad
 
PPTX
Mvc by asp.net development company in india - part 2
byiFour Institute - Sustainable Learning
 
PPTX
Asp.net identity dot netconf
byrustd
 
PPTX
Microsoft asp.net identity security
byrustd
 
PDF
ASP.NET Identity
bySuzanne Simmons
 
PPTX
What's New in ASP.NET Identity - TRINUG Sept 2014
byDerek Smith
 
PPTX
Asp.net membership anduserroles_ppt
byShivanand Arur
 
PPT
ASP.NET Identity - O Novo componente de Membership do ASP.NET
byEduardo Pires
 
PDF
SharePoint Saturday The Conference DC - Are you who you say you are share poi...
byLiam Cleary [MVP]
 
PPTX
Profile
byaspnet123
 
PPTX
SharePoint Authentication And Authorization SPTechCon San Francisco
byLiam Cleary [MVP]
 
PPS
08 asp.net session11
byNiit Care
 
PDF
What is ASP.NET and Why do we need it?
byNatural Group
 
PPSX
ZubZib Black Coffee #9 - ASP.NET Identity
byNon Intanon
 
PPTX
ASP.NET Presentation
bydimuthu22
 
PPTX
Scaling asp.net websites to millions of users
byoazabir
 
PDF
Web Development with ASP.NET: Taking Control of the Digital World
bycompany
 
PPTX
2009 - NRW Conf: (ASP).NET Membership
byDaniel Fisher
 
PPTX
Security asp.net application
byZAIYAUL HAQUE
 
PPTX
Creating Dynamic Web Application Using ASP.Net 3 5_MVP Alezandra Buencamino N...
byQuek Lilian
 
Asp.Net Identity
byMarwa Ahmad
 
Mvc by asp.net development company in india - part 2
byiFour Institute - Sustainable Learning
 
Asp.net identity dot netconf
byrustd
 
Microsoft asp.net identity security
byrustd
 
ASP.NET Identity
bySuzanne Simmons
 
What's New in ASP.NET Identity - TRINUG Sept 2014
byDerek Smith
 
Asp.net membership anduserroles_ppt
byShivanand Arur
 
ASP.NET Identity - O Novo componente de Membership do ASP.NET
byEduardo Pires
 
SharePoint Saturday The Conference DC - Are you who you say you are share poi...
byLiam Cleary [MVP]
 
Profile
byaspnet123
 
SharePoint Authentication And Authorization SPTechCon San Francisco
byLiam Cleary [MVP]
 
08 asp.net session11
byNiit Care
 
What is ASP.NET and Why do we need it?
byNatural Group
 
ZubZib Black Coffee #9 - ASP.NET Identity
byNon Intanon
 
ASP.NET Presentation
bydimuthu22
 
Scaling asp.net websites to millions of users
byoazabir
 
Web Development with ASP.NET: Taking Control of the Digital World
bycompany
 
2009 - NRW Conf: (ASP).NET Membership
byDaniel Fisher
 
Security asp.net application
byZAIYAUL HAQUE
 
Creating Dynamic Web Application Using ASP.Net 3 5_MVP Alezandra Buencamino N...
byQuek Lilian
 

More from Josh Gillespie

PPTX
Introduction to Containers: What, Why, and How
byJosh Gillespie
 
PPTX
Practical Security Practices: Threat Modeling
byJosh Gillespie
 
PPTX
Exposing the Spy in Your Pocket
byJosh Gillespie
 
PPTX
Automation: PowerShell & DSC
byJosh Gillespie
 
PPTX
Teaching the cloud to think
byJosh Gillespie
 
PPTX
A Pragmatic Introduction to Unit Testing
byJosh Gillespie
 
PPTX
Dude, I just stepped into your code
byJosh Gillespie
 
PPTX
A DevOps Discussion
byJosh Gillespie
 
Introduction to Containers: What, Why, and How
byJosh Gillespie
 
Practical Security Practices: Threat Modeling
byJosh Gillespie
 
Exposing the Spy in Your Pocket
byJosh Gillespie
 
Automation: PowerShell & DSC
byJosh Gillespie
 
Teaching the cloud to think
byJosh Gillespie
 
A Pragmatic Introduction to Unit Testing
byJosh Gillespie
 
Dude, I just stepped into your code
byJosh Gillespie
 
A DevOps Discussion
byJosh Gillespie
 

Recently uploaded

PPTX
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
PDF
How to build hackthon projects from ZERO!
byishantyadav1111
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
PPTX
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
PDF
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
PPTX
Cyber security chapter 1 for learning and educating to the students who want ...
byGulMohammadi
 
PDF
Configure and Manage Systemd Timers- RHCSA (RH134).pdf
byLinuxCert Guru
 
PPTX
Career-Opportunities in Industrial Arts Grade 8 PPT Lesson 2
byFSBTLEDNathanVince
 
PDF
Safer’s Picks: The 5 FME Transformers You Didn’t Know You Needed
bySafe Software
 
PDF
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
PPTX
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
PDF
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
PPTX
The Lex Wire Precedent: A Technical Standard for Machine-Mediated Authority ...
byJeff Howell
 
PDF
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
PDF
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
PDF
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
PDF
Analyze and Preserve Logs - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
PDF
The Enterprise Web3 Landscape - a view from Kaleido based on the past 10 year...
byPeter Broadhurst
 
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
How to build hackthon projects from ZERO!
byishantyadav1111
 
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
Cyber security chapter 1 for learning and educating to the students who want ...
byGulMohammadi
 
Configure and Manage Systemd Timers- RHCSA (RH134).pdf
byLinuxCert Guru
 
Career-Opportunities in Industrial Arts Grade 8 PPT Lesson 2
byFSBTLEDNathanVince
 
Safer’s Picks: The 5 FME Transformers You Didn’t Know You Needed
bySafe Software
 
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
The Lex Wire Precedent: A Technical Standard for Machine-Mediated Authority ...
byJeff Howell
 
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
Analyze and Preserve Logs - RHCSA (RH134).pdf
byLinuxCert Guru
 
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
The Enterprise Web3 Landscape - a view from Kaleido based on the past 10 year...
byPeter Broadhurst
 

Who are you?

  • 1.
    Who are you? Digging into ASP.NET Identity 2.1 Josh Gillespie
  • 2.
  • 3.
    What i san Ident i t y?
  • 4.
    What is anIdentity? • Proof that you are who you say you are. (authentication) • The things are you permitted to do. (authorization) • Other information we (need to) know about you? (profile)
  • 5.
    History of Identityin .NET • Forms and Windows Authentication • ASP.NET Providers • Released with .NET 2.0 (2005) • Addressed common site membership requirements • ASP.NET Simple Membership • Released with VS2010 SP1 • ASP.NET Universal Providers
  • 6.
    ASP.NET Providers Pros • Simple to setup • “Just works” Cons • Extensibility was hard • Testing was hard • Other Auth approaches were hard • Dependent on SQL Server • Profile was hard to query • Dependent on Forms Auth
  • 7.
    ASP.NET Simple Providers Pros • Profile was improved • Easier to add to Web page apps Cons • Non-relational stores are hard • Still FormsAuth dependent • Not extensible
  • 8.
    ASP.NET Universal Providers Pros • Database was cleaned up • Used EF Code First • Can use any EF supported store Cons • Built on Membership, same limitations
  • 9.
    ASP.NET Ident it y Currently 2.1
  • 10.
    Goals • Useableeverywhere (One ASP.NET) • Easy profile access • Persistence agnostic • Testable • Role-based Authorization • Claims-based Authorization • Third-party Authentication • Azure AD • OWIN Integrated • NuGet package
  • 11.
    So where wouldyou s tar t?
  • 12.
    Interfaces • Entities(IUser, IRole, IClaim, etc) • Stores (IUserStore, IRoleStore, etc) • Managers • Misc supporting classes • TokenProviders • Validators • Factories
  • 13.
    Application Managers Stores Data Access Layer Data Storage Token Providers Validators Services Factories Entities
  • 14.
    Closer look Decompileand look at one “Stack”
  • 15.
    Fi le New Projec t What do I get fresh out of the box?
  • 16.
    Demo Opt ions 1. Change the Primary Key 2. Add a Two-Factor Authenticator Provider
  • 17.
    Takeaways • Whenshould you use ASP.NET Identity? • What is it good for, what is it not good for? • Implement only what you need.
  • 18.
    Di s cuss ion
  • 19.
    Thank you! Josh.Gillespie@PolarisSolutions.com @jcgillespie http://awaitwisdom.com

Editor's Notes

  • #9 Designed for Azure SQL
  • #15 ID and UserName